O desenvolvimento deste trabalho tem origem, inicialmente, na coleta dos dados a serem analisados. Para tal, utilizou-se o dataset [i] obtido da KISA, com 682 aplica¸c˜oes, para obter uma quantidade significativa das PHAs. Tendo acesso aos dados, foi necess´ario passar por um processo de descompress˜ao, visto que os mesmos estavam como APK.
Conseguindo visualizar os arquivos que continham os c´odigos, durante a etapa de pr´e- processamento foi necess´ario a utiliza¸c˜ao de um programa chamado AXMLPrinter2[ii]para transformar o arquivo AndroidManifest.XML em formato leg´ıvel. Logo ap´os ser poss´ıvel a leitura, foi rodado um script escrito em Shell, o qual buscava por linhas em todos os Manifestos que continham as permiss˜oes que foram utilizadas no desenvolvimento de cada aplica¸c˜ao.
Com isso, foi elaborado um arquivo .txt contendo a lista com todos os 682 PHAs juntamente com as permiss˜oes utilizadas por cada um, processo chamado de extra¸c˜ao de atributos. O fluxo do processo foi exemplificado na Figura3.1.
Figura 3.1: Sele¸c˜ao de Modelo: Fluxo de Trabalho Esquem´atico
Fonte: Adaptado de Roth e Lange(2004)
Com os atributos adquiridos, foi poss´ıvel fazer algumas an´alises iniciais, admitindo que foram encontradas um total de 56 permiss˜oes nas aplica¸c˜oes contidas do dataset. As permiss˜oes mais usadas, estando presente em 681 das 682 aplica¸c˜oes foram INTER- NET e READ PHONE STATE. J´a as permiss˜oes menos utilizadas, estando presente em apenas 1 aplica¸c˜ao foram CHANGE WIFI MULTICAST STATE, INSTALL DRM, PRO- CESS INCOMING CALL e WRITE APN SETTINGS. As demais permiss˜oes est˜ao entre essas faixas de utiliza¸c˜ao.
Com o intuito de reduzir a quantidade de permiss˜oes encontradas, optou-se por remover as mais utilizadas e as que menos foram. Buscando obter melhores resultados quando fosse realizar o clustering.
Em seguida, foi elaborado um arquivo .csv onde continham todos os PHAs e as per- miss˜oes, sendo organizados como mostrado a ´ultima parte da Figura 3.1, nas linhas es- tavam contidas as aplica¸c˜oes e nas colunas as permiss˜oes. As aplica¸c˜oes que continham a permiss˜ao eram marcados com 1 (um) e nas que n˜ao tinham 0 (zero). Desse modo, poderia ser aplicado o m´etodo de clustering.
[i]
Dataset com todas as aplica¸c˜oes: https://drive.google.com/file/d/ 14m0GxgtJWDlVOvttmOlUfi54h9y7j-Bj/view?usp=sharing
[ii]Dispon´ıvel em:
J
onde J corresponde ao coeficiente de similaridade de Jaccard, que ´e dado por J = M11
M01+ M10+ M11
. (3.2)
Nesta equa¸c˜ao, s˜ao computadas as combina¸c˜oes entre os valores 0 e 1 dos atributos de cada PHA, onde, sendo A e B dois vetores de dois PHAs,
• M11 representa o n´umero total de atributos onde tanto em A quanto em B possuem
valor 1;
• M01 representa o n´umero total de atributos onde em A ´e 0 e em B ´e 1;
• M10 representa o n´umero total de atributos onde em A ´e 1 e em B ´e 0;
• M00 representa o n´umero total de atributos onde tanto em A quanto em B possuem valor 0.
A partir do c´alculo destas distˆancias, pˆode-se elaborar uma matriz de dissimilaridade, como pode ser observada na Figura3.2 a seguir. Quanto mais semelhante as permiss˜oes contidas nos PHAs mais azul, com distˆancia iguais ou mais pr´oximas a zero e quanto mais diferentes mais vermelho com distˆancias mais pr´oximas ou iguais a um. A matriz de dissimilaridade consiste no grau de diferen¸ca entre o conte´udo existente em uma aplica¸c˜ao e as demais.
Com esses dados obtidos, foi realizado o clustering a partir das permiss˜oes, utilizando o Pvclust para isto, obtendo um total de 23 clusters diferentes. O cluster e as permiss˜oes contidas no mesmo s˜ao mostrados na Tabela3.1
Tabela 3.1: Permiss˜oes por cluster.
Clusters Permiss˜oes Utilizadas
1 ACCESS WIFI STATE, INTERNET, MOUNT UNMOUNT FILESYSTEMS,
READ CONTACTS, READ PHONE STATE, RECEIVE SMS,
WRITE EXTERNAL STORAGE
2 ACCESS WIFI STATE, BIND DEVICE ADMIN, CALL PHONE, GET TASKS, INTER- NET, MOUNT FORMAT FILESYSTEMS, MOUNT UNMOUNT FILESYSTEMS, PROCESS OUTGOING CALLS, READ CONTACTS, READ PHONE STATE, READ SMS, RECEIVE BOOT COMPLETED, RECEIVE SMS, SEND SMS, SYS- TEM ALERT WINDOW, WRITE EXTERNAL STORAGE
3 ACCESS NETWORK STATE, BIND DEVICE ADMIN, GET TASKS, IN- TERNET, KILL BACKGROUND PROCESSES, READ CONTACTS, READ PHONE STATE, READ SMS, RECEIVE BOOT COMPLETED, RE- CEIVE SMS, SEND SMS, UPDATE APP OPS STATS, VIBRATE, WRITE CONTACTS, WRITE EXTERNAL STORAGE, WRITE SMS
4 INTERNET, READ PHONE STATE, READ SMS, RECEIVE SMS, SEND SMS, WRITE EXTERNAL STORAGE
5 ACCESS NETWORK STATE, CAMERA, INTERNET, READ PHONE STATE, SYS- TEM ALERT WINDOW, WRITE EXTERNAL STORAGE
24 Cap´ıtulo 3. Desenvolvimento
6 ACCESS NETWORK STATE, ACCESS WIFI STATE, BIND DEVICE ADMIN, CALL PHONE, CHANGE WIFI STATE, GET TASKS, INSTALL SHORTCUT, IN- TERNET, KILL BACKGROUND PROCESSES, MODIFY AUDIO SETTINGS, MO- DIFY PHONE STATE, READ CONTACTS, READ LOGS, READ PHONE STATE, RECEIVE BOOT COMPLETED, RECEIVE SMS, RESTART PACKAGES, SEND SMS, SYSTEM ALERT WINDOW, UNINSTALL SHORTCUT, VIBRATE, WAKE LOCK, WRITE CONTACTS, WRITE EXTERNAL STORAGE
7 ACCESS NETWORK STATE, ACCESS WIFI STATE, ADD SYSTEM SERVICE, BIND DEVICE ADMIN, CHANGE WIFI STATE, INTERNET, MOUNT UNMOUNT FILESYSTEMS, READ CONTACTS, READ PHONE STATE, READ SMS, RECEIVE BOOT COMPLETED, RECEIVE MMS, RECEIVE SMS, RE- CEIVE WAP PUSH, SEND SMS, WRITE EXTERNAL STORAGE, WRITE SMS 8 ACCESS WIFI STATE, CALL PHONE, GET TASKS, INSTALL SHORTCUT, INTER-
NET, MOUNT UNMOUNT FILESYSTEMS, READ PHONE STATE, READ SMS, RE- CEIVE SMS, WRITE EXTERNAL STORAGE
9 ACCESS NETWORK STATE, ACCESS WIFI STATE, BIND SERVICE ADMIN, CALL PHONE, CHANGE WIFI STATE, INTERNET, READ CALL LOG,
READ CONTACTS, READ PHONE STATE, READ SMS, RE-
CEIVE BOOT COMPLETED, RECEIVE MMS, RECEIVE SMS, RECORD AUDIO, SEND SMS, WAKE LOCK, WRITE CALL LOG, WRITE CONTACTS, WRITE EXTERNAL STORAGE, WRITE SETTINGS, WRITE SMS
10 ACCESS NETWORK STATE, ACCESS WIFI STATE, ADD SYSTEM SERVICE, BROADCAST STICKY, CALL PHONE, CHANGE WIFI STATE, INTERNET, MOUNT UNMOUNT FILESYSTEMS, READ CALL LOG, READ CONTACTS, READ PHONE STATE, READ SMS, RECEIVE BOOT COMPLETED, RECEIVE SMS, SEND SMS, WAKE LOCK, WRITE CALL LOG, WRITE EXTERNAL STORAGE, WRITE SMS
11 BIND DEVICE ADMIN, CALL PHONE, INTERNET, MODIFY PHONE STATE, READ PHONE STATE, READ SMS, RECEIVE BOOT COMPLETED, RECEIVE SMS, SEND SMS, WRITE SETTINGS
12 ACCESS NETWORK STATE, BIND DEVICE ADMIN, CALL PHONE, CHANGE NETWORK STATE, CHANGE WIFI STATE, GET TASKS, INTER- NET, MOUNT UNMOUNT FILESYSTEMS, PROCESS OUTGOING CALLS, READ CALL LOG, READ CONTACTS, READ PHONE STATE, READ SMS, RECEIVE BOOT COMPLETED, RECEIVE SMS, SEND SMS, VIBRATE, WRITE CALL LOG, WRITE EXTERNAL STORAGE, WRITE SETTINGS, WRITE SMS
13 BIND DEVICE ADMIN, INTERNET, READ PHONE STATE, READ SMS, RE- CEIVE BOOT COMPLETED, RECEIVE SMS, SEND SMS, WRITE SETTINGS 14 ACCESS NETWORK STATE, ACCESS WIFI STATE, BIND DEVICE ADMIN,
CHANGE WIFI STATE, DISABLE KEYGUARD, GET TASKS, INTERNET, READ CONTACTS, READ EXTERNAL STORAGE, READ PHONE STATE, READ SMS, RECEIVE BOOT COMPLETED, RECEIVE SMS, SEND SMS, SYSTEM ALERT WINDOW, WAKE LOCK, WRITE EXTERNAL STORAGE, WRITE SETTINGS, WRITE SMS
15 ACCESS COARSE LOCATION, ACCESS MOCK LOCATION, AC- CESS NETWORK STATE, ACCESS WIFI STATE, CHANGE WIFI STATE, INTER- NET, MOUNT UNMOUNT FILESYSTEMS, READ PHONE STATE, READ SMS, RECEIVE SMS, SEND SMS, WRITE EXTERNAL STORAGE, WRITE SMS
16 ACCESS COARSE LOCATION, ACCESS FINE LOCATION, AC- CESS NETWORK STATE, ACCESS WIFI STATE, ANSWER PHONE, DE- LETE PACKAGES, INSTALL PACKAGES, INTERNET, READ CONTACTS, READ PHONE STATE, READ SMS, RECEIVE BOOT COMPLETED, RECEIVE SMS, SEND SMS, SYSTEM ALERT WINDOW, SYSTEM OVERLAY WINDOW, VI- BRATE, WAKE LOCK, WRITE CONTACTS, WRITE EXTERNAL STORAGE, WRITE SETTINGS
17 ACCESS NETWORK STATE, BIND DEVICE ADMIN, CALL PHONE, GET TASKS, INTERNET, MODIFY PHONE STATE, PROCESS OUTGOING CALLS,
READ CONTACTS, READ PHONE STATE, READ SMS, RE-
CEIVE BOOT COMPLETED, RECEIVE SMS, SEND SMS, SYS- TEM ALERT WINDOW, VIBRATE, WAKE LOCK, WRITE CONTACTS, WRITE EXTERNAL STORAGE, WRITE SMS
18 CALL PHONE, INSTALL SHORTCUT, INTERNET, MOUNT UNMOUNT FILESYSTEMS,
READ CONTACTS, READ PHONE STATE, READ SMS, RE-
CEIVE BOOT COMPLETED, RECEIVE SMS, SEND SMS,
20 ACCESS NETWORK STATE, ACCESS WIFI STATE, ANSWER PHONE, BIND DEVICE ADMIN, CALL PHONE, DELETE PACKAGES, GET TASKS, INSTALL PACKAGES, INTERNET, MODIFY AUDIO SETTINGS, MO- DIFY PHONE STATE, MOUNT UNMOUNT FILESYSTEMS, PRO- CESS OUTGOING CALLS, READ CONTACTS, READ LOGS, READ PHONE STATE, RECEIVE BOOT COMPLETED, RECEIVE SMS, SEND SMS, SYS- TEM ALERT WINDOW, VIBRATE, WAKE LOCK, WRITE CONTACTS, WRITE EXTERNAL STORAGE
21 ACCESS COARSE LOCATION, ACCESS FINE LOCATION, AC- CESS MOCK LOCATION, BIND DEVICE ADMIN, CALL PHONE, IN- TERNET, READ CONTACTS, READ PHONE STATE, READ SMS, RE- CEIVE BOOT COMPLETED, RECEIVE SMS, RECORD AUDIO, SEND SMS, WRITE CONTACTS, WRITE SETTINGS
22 ACCESS NETWORK STATE, BIND DEVICE ADMIN, CALL PHONE, IN- TERNET, MOUNT UNMOUNT FILESYSTEMS, READ PHONE STATE,
RECEIVE BOOT COMPLETED, RECEIVE SMS, SEND SMS,
WRITE EXTERNAL STORAGE
23 MOUNT UNMOUNT FILESYSTEMS, WRITE EXTERNAL STORAGE
O processo para obten¸c˜ao da lista de Inten¸c˜oes foi semelhante ao das Permiss˜oes, mostrado na Figura3.1, o ´unico processo que houve diferen¸ca foi no momento da extra¸c˜ao de atributos. Apesar de todos os PHAs utilizarem as Inten¸c˜oes LAUNCHER e MAIN, as mesmas n˜ao podem ser removidas pois h´a aplica¸c˜oes que possuem somente estas Inten¸c˜oes por serem iniciadores de a¸c˜oes nas aplica¸c˜oes.
A mesma an´alise foi feita com as Inten¸c˜oes, sendo tamb´em calculada a distˆancia bin´aria e elaborado a sua matriz de dissimilaridade, apresentada na Figura3.3. Da mesma ma- neira, as partes indicadas em azul apresentam maior similaridade, que obteve valores iguais a zero ou pr´oximos dele e as partes apresentadas em vermelho s˜ao as que mais se diferem, onde o m´aximo valor encontrado foi 0.96875.
Da mesma forma, foi utilizado o Pvclust para a realiza¸c˜ao do clustering. Com isso, foram obtidos 17 clusters, que podem ser observados juntamente com as Intents utilizadas por cada um na Tabela3.2a seguir.
Tabela 3.2: Intents por cluster.
Clusters Intents Utilizadas 1 LAUNCHER, MAIN
2 ACTION SHUTDOWN, BOOT COMPLETED, LAUNCHER, MAIN,
26 Cap´ıtulo 3. Desenvolvimento
3 ACTION POWER CONNECTED, ACTION POWER DISCONNECTED, AC- TION SHUTDOWN, AIRPLANE MODE, BATTERY CHANGED, BAT- TERY LOW, BATTERY OKAY, BOOT COMPLETED, CAMERA BUTTON, CLOSE SYSTEM DIALOGS, DATE CHANGED, DEVICE STORAGE LOW, DE- VICE STORAGE OK, DOCK EVENT, EXTERNAL APPLICATIONS AVAILABLE, EXTERNAL APPLICATIONS UNAVAILABLE, GTALK CONNECTED, GTALK DISCONNECTED, HEADSET PLUG, HOME, INPUT METHOD CHANGED, LAUNCHER, LOCALE CHANGED, MAIN, MANAGE PACKAGE STORAGE, ME- DIA BAD REMOVAL, MEDIA BUTTON, MEDIA CHECKING, MEDIA EJECT, ME- DIA MOUNTED, MEDIA NOFS, MEDIA REMOVED, MEDIA SCANNER FINISHED, MEDIA SCANNER SCAN FILE, MEDIA SCANNER STARTED, MEDIA SHARED, MEDIA UNMOUNTABLE, MEDIA UNMOUNTED, MY PACKAGE REPLACED, NEW OUTGOING CALL, PACKAGE ADDED, PACKAGE CHANGED, PAC- KAGE DATA CLEARED, PACKAGE FIRST LAUNCH, PACKAGE FULLY REMOVED, PACKAGE INSTALL, PACKAGE NEEDS VERIFICATION, PACKAGE REMOVED, PACKAGE REPLACED, PACKAGE RESTARTED, PHONE STATE, PROVI- DER CHANGED, TIME SET, TIME TICK, TIMEZONE CHANGED, UID REMOVED, UMS CONNECTED, UMS DISCONNECTED, USER PRESENT, WALLPA- PER CHANGED
4 BOOT COMPLETED, DEFAULT, HOME, LAUNCHER, MAIN, PACKAGE ADDED, PACKAGE REMOVED, PHONE STATE, USER PRESENT
5 BOOT COMPLETED, LAUNCHER, MAIN 6 LAUNCHER, MAIN, NEW OUTGOING CALL 7 default, LAUNCHER, MAIN, PHONE STATE
8 ACTION SHUTDOWN, BOOT COMPLETED, LAUNCHER, MAIN, USER PRESENT 9 default, LAUNCHER, MAIN
10 BOOT COMPLETED, HOME, LAUNCHER, MAIN, USER PRESENT
11 BOOT COMPLETED, DEFAULT, LAUNCHER, MAIN, PACKAGE ADDED, PAC- KAGE REMOVED
12 ACTION SHUTDOWN, BOOT COMPLETED, DEFAULT, LAUNCHER, MAIN, NEW OUTGOING CALL, USER PRESENT
13 BOOT COMPLETED, LAUNCHER, MAIN, PHONE STATES
14 DEFAULT, LAUNCHER, MAIN, NEW OUTGOING CALL, PACKAGE ADDED, PAC- KAGE CHANGED, PACKAGE REMOVED, PHONE STATE
15 DEFAULT, LAUNCHER, MAIN
16 BATTERY CHANGED, BOOT COMPLETED, default, LAUNCHER, MAIN, NEW OUTGOING CALL, PHONE STATE, SCREEN ON
17 BOOT COMPLETED, DEFAULT, LAUNCHER, MAIN, NEW OUTGOING CALL, PHONE STATE