Rooted Android Devices Risk Assessment using Analytic Hierarchy Process
Date
2023-09
Journal Title
Journal ISSN
Volume Title
Type
Article
Publisher
IEEE
Series Info
1st International Conference of Intelligent Methods, Systems and Applications, IMSA 2023;Pages 105 - 1112023
Scientific Journal Rankings
Abstract
Attackers are targeting rooted Android mobile devices to gain access to confidential data such as credit cards and banking transactions. Despite the removal of rooting applications from Google Play Store, attackers still provide easy rooting methods through third-party application stores. Previous studies have focused on rooting detection systems, but they have ignored Android rooting risk assessment, impacting device security. This research introduces a risk assessment framework for Android devices named ARAS, which uses three risk criteria: system, privacy, and financial criteria. ARAS extracts Android static analysis features and adopts Analytic Hierarchy Process (AHP) pairwise comparison methodology to decide the rooting risk level. The proposed scoring model is applied to a rooted device dataset to demonstrate the risk level assessment. ARAS introduces four levels of risk: low, medium, high, and critical risk levels, providing a decision support system for allowing or denying rooted devices access to applications and confidential information.
Description
Keywords
Analytic Hierarchy Process; Android rooting; Android security; risk assessment