1. CompSci 725 RiskRanker Authors Michael Grace - North Carolina State University, Raleigh, NC, USA & NQ Mobile Security Research Center, Beijing, China Yajin Zhou - North Carolina State University, Raleigh, NC, USA Qiang Zhang - NQ Mobile Security Research Center, Beijing, China Shihong Zou - NQ Mobile Security Research Center, Beijing, China Xuxian Jiang - North Carolina State University, Raleigh, NC, USA & NQ Mobile Security Research Center, Beijing, China Published in: Mobisys ’12 Proceedings of the 10 th international conference on Mobile systems, applications and services Pages 281 – 294 ACM New York, NY, USA © 2012 Vijay Anand

2. Summary RiskRanker  Scalable and Accurate Zero-day Android Malware Detection. “We consider a malicious app to be a zero- day if it has not been reported before and cannot be detected by anti-virus software at the time of discovery.” Vijay Anand

3. Appreciative Points 1.It is a unique analysis system that can automatically detect whether a particular app exhibits dangerous behavior. 2.It identifies malware without using known samples and their signatures. Vijay Anand

4. Appreciation (Cont.) 3.It identify apps with risky behavior while they are in the app market. 4.“RiskRanker employs a unique two- step method of discovering malware. This two-step method greatly improves the accuracy in identifying patterns of seemingly innocent API uses that can actually be malware.” Vijay Anand

5. Critical Comment  It does not check for confused- deputy attacks that target the IPC layer. Vijay Anand

6. Question Many apps collect more information that they need to function and blithely send it to external parties. However, it is an open question on where the line should be drawn on such information leaks, and how much apps need to disclose to the user about how their information is being used? Vijay Anand

7. Thank You Vijay Anand