Due to Android's open source feature and low barriers to entry for
developers, millions of developers and third-party organizations have been
attracted into the Android ecosystem. However, over 90 percent of mobile
malware are found targeted on Android. Though Android provides multiple
security features and layers to protect user data and system resources, there
are still some over-privileged applications in Google Play Store or third-party
Android app stores at wild. In this paper, we proposed an approach to map
system level behavior and Android APIs, based on the observation that system
level behaviors cannot be avoided but sensitive Android APIs could be evaded.
To the best of our knowledge, our approach provides the first work to map
system level behavior and Android APIs through System Call Dependence Graphs.
The study also shows that our approach can effectively identify potential
permission abusing, with almost negligible performance impact.Comment: 14 pages, 6 figure