Security News > 2024 > March > RiskInDroid: Open-source risk analysis of Android apps

RiskInDroid is an open-source tool for quantitative risk analysis of Android applications based on machine learning techniques.

"A user should be able to quickly assess an application's level of risk by simply glancing at RiskInDroid's output, and they should be able to compare the app's risk with others easily," Gabriel Claudiu Georgiu, developer of RiskInDroid, told Help Net Security.

Declared permissions - Extracted from the app manifest.

Exploited permissions - Declared and used in the bytecode.

Useless permissions - Declared but never used in the bytecode.

Future plans and download. "Currently there are no future versions planned, I just make sure everything works with the latest versions of Python and occasionally update the underlying libraries. Probably the most straightforward improvement would be to include other features in the analysis. Now, only permissions are considered, but we could also consider API calls and URLs that can be extracted through static analysis as we did for permissions, Georgiu concluded."

News URL

https://www.helpnetsecurity.com/2024/03/06/riskindroid-open-source-risk-analysis-android-apps/