MAETROID (Multi-criteria App Evaluator of TRust for AndrOID) is a framework to evaluate the trustworthiness of Android apps, i.e., the amount of risk they pose to users, e.g., in terms of confidentiality and integrity. MAETROID performs a multi-criteria analysis of an app at deploy-time and returns a single, easy-to-understand evaluation of the app's risk level (Trusted, Medium-Risk, or High-Risk), aimed at helping the user decide whether or not to install a new app. The criteria include the set of permissions the app requests and a set of metadata retrieved from the marketplace that denotes the app's quality and popularity.
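As an added illustration (not MAETROID's own code: the project's actual weighting and classification algorithm is not described on this page), the following Python sketch shows how a multi-criteria evaluator of this kind can be structured. It extracts the requested permissions from a decoded AndroidManifest.xml, scores them, scores the marketplace metadata (popularity, rating, developer track record), combines the criteria with fixed weights, and maps the result onto the three levels Trusted / Medium-Risk / High-Risk. Every permission weight, metadata threshold, criterion weight and cut-off, as well as the sample manifests and metadata, is a hypothetical value constructed for this example.

```python
"""Illustrative multi-criteria risk classifier for Android apps.

Added example, not MAETROID's code. The criteria (requested permissions plus
marketplace metadata) follow the description above; all weights, thresholds
and cut-offs below are hypothetical choices made for this illustration.
Manifests must already be decoded to text XML (an APK carries binary AXML,
which a tool such as apktool or androguard would decode first).
"""
from __future__ import annotations

import xml.etree.ElementTree as ET
from dataclasses import dataclass

ANDROID_NS = "http://schemas.android.com/apk/res/android"

# Hypothetical per-permission risk weights; unlisted permissions count as 0.
PERMISSION_RISK = {
    "android.permission.SEND_SMS": 5,
    "android.permission.READ_SMS": 4,
    "android.permission.RECEIVE_SMS": 4,
    "android.permission.INSTALL_PACKAGES": 5,
    "android.permission.CALL_PHONE": 3,
    "android.permission.READ_CONTACTS": 3,
    "android.permission.ACCESS_FINE_LOCATION": 3,
    "android.permission.RECORD_AUDIO": 3,
    "android.permission.READ_PHONE_STATE": 2,
    "android.permission.RECEIVE_BOOT_COMPLETED": 1,
    "android.permission.INTERNET": 1,
}
PERMISSION_CAP = 15.0  # hypothetical saturation point for the summed weights

# Hypothetical relative importance of each criterion (sums to 1.0).
CRITERION_WEIGHTS = {"permissions": 0.5, "popularity": 0.2, "quality": 0.2, "developer": 0.1}
TRUSTED_MAX, MEDIUM_MAX = 0.3, 0.6  # hypothetical cut-offs on the combined score


@dataclass
class MarketMetadata:
    """Marketplace metadata for one app (field choice is an assumption)."""
    rating: float         # average user rating, 0.0 to 5.0
    num_ratings: int      # how many users rated the app
    downloads: int        # download count reported by the store
    developer_apps: int   # apps published by the same developer


def requested_permissions(manifest_xml: str) -> set[str]:
    """Collect the android:name of every <uses-permission> element."""
    root = ET.fromstring(manifest_xml)
    return {
        elem.get(f"{{{ANDROID_NS}}}name")
        for elem in root.iter("uses-permission")
        if elem.get(f"{{{ANDROID_NS}}}name")
    }


def permission_score(perms: set[str]) -> float:
    """Summed permission risk, normalised into [0, 1]."""
    total = sum(PERMISSION_RISK.get(p, 0) for p in perms)
    return min(total, PERMISSION_CAP) / PERMISSION_CAP


def popularity_score(meta: MarketMetadata) -> float:
    """Few downloads -> higher risk (an obscure app has had less scrutiny)."""
    for threshold, score in ((1_000_000, 0.0), (100_000, 0.25), (10_000, 0.5), (1_000, 0.75)):
        if meta.downloads >= threshold:
            return score
    return 1.0


def quality_score(meta: MarketMetadata) -> float:
    """Low rating -> higher risk; a rating backed by very few votes is ignored."""
    if meta.num_ratings < 10:
        return 1.0
    return max(0.0, (5.0 - meta.rating) / 5.0)


def developer_score(meta: MarketMetadata) -> float:
    """A developer with no other published apps has no track record."""
    if meta.developer_apps <= 1:
        return 1.0
    return 0.5 if meta.developer_apps < 5 else 0.0


def evaluate(manifest_xml: str, meta: MarketMetadata) -> tuple[str, float]:
    """Return (risk level, combined score in [0, 1])."""
    scores = {
        "permissions": permission_score(requested_permissions(manifest_xml)),
        "popularity": popularity_score(meta),
        "quality": quality_score(meta),
        "developer": developer_score(meta),
    }
    combined = sum(CRITERION_WEIGHTS[k] * v for k, v in scores.items())
    if combined < TRUSTED_MAX:
        return "Trusted", combined
    if combined < MEDIUM_MAX:
        return "Medium-Risk", combined
    return "High-Risk", combined


def _manifest(package: str, *perms: str) -> str:
    """Build a minimal decoded manifest (constructed sample input)."""
    uses = "".join(f'<uses-permission android:name="{p}"/>' for p in perms)
    return (f'<manifest xmlns:android="{ANDROID_NS}" package="{package}">'
            f"{uses}<application/></manifest>")


# Constructed samples: a popular maps app, a small utility, and an SMS-abusing app.
MAPS_MANIFEST = _manifest("com.example.maps", "android.permission.INTERNET",
                          "android.permission.ACCESS_FINE_LOCATION")
MAPS_META = MarketMetadata(rating=4.5, num_ratings=120_000, downloads=50_000_000, developer_apps=12)
UTILITY_MANIFEST = _manifest("com.example.util", "android.permission.INTERNET",
                             "android.permission.READ_CONTACTS",
                             "android.permission.ACCESS_FINE_LOCATION",
                             "android.permission.READ_PHONE_STATE")
UTILITY_META = MarketMetadata(rating=4.0, num_ratings=50, downloads=5_000, developer_apps=2)
SMS_MANIFEST = _manifest("com.example.free", "android.permission.INTERNET",
                         "android.permission.SEND_SMS", "android.permission.READ_SMS",
                         "android.permission.RECEIVE_SMS", "android.permission.READ_PHONE_STATE",
                         "android.permission.RECEIVE_BOOT_COMPLETED")
SMS_META = MarketMetadata(rating=3.0, num_ratings=4, downloads=300, developer_apps=1)

if __name__ == "__main__":
    for name, manifest, meta in (("maps", MAPS_MANIFEST, MAPS_META),
                                 ("utility", UTILITY_MANIFEST, UTILITY_META),
                                 ("sms", SMS_MANIFEST, SMS_META)):
        level, score = evaluate(manifest, meta)
        print(f"{name:8s} {level:12s} {score:.3f}")
```

Permissions are the dominant criterion here because they describe what the app can do; the marketplace criteria only capture how much scrutiny the app has received, so an SMS-capable app from an unknown developer with a handful of ratings ends up High-Risk even though no single criterion is proof of malice. Raising the cap or the Trusted cut-off trades false positives against missed risky apps, which is the tuning a control set such as the one described below is for.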
We have used the classification algorithm of MAETROID to classify a dataset of 11,046 apps. The dataset is composed of 9,804 apps selected from the official Google Play market and 1,242 apps taken from the Genome database of known malware. All of the malicious apps from Genome have been classified as risky by MAETROID: 85% of them as High-Risk and the remaining 15% as Medium-Risk, with none classified as Trusted. We have used the apps from Google Play as a control set: the greatest share of them (77.37%) have been classified as Trusted, 22.4% as Medium-Risk, and only 0.23% as High-Risk.
Main designers and developers: Andrea Saracino (andrea.saracino at iit dot cnr dot it) and Daniele Sgandurra (d.sgandurra at imperial dot ac dot uk).
Link to dataset info and results (11,000 apps).