Last Updated: February 13, 2026
Status: 📝 READY TO IMPLEMENT
Priority: HIGH
Estimated Duration: 10-12 days
- Executive Summary
- Module Overview
- System Architecture
- Implementation Phases
- File Structure
- Verification Plan
The Permission Analysis Module provides offline, deterministic risk assessment of installed applications based on:
- Permission Deviation Analysis - Comparing app permissions against category norms
- Developer Reputation Scoring - Checking against trusted/flagged developer database
- Certificate Trust Validation - Verifying app signing certificates
Key Features:
- ✅ 100% offline operation (no network required)
- ✅ Deterministic scoring (consistent across devices)
- ✅ Low false positive rate through category-based analysis
- ✅ Transparent, interpretable risk scores
- ✅ Built on 2000+ app dataset
graph TD
A[Installed App] --> B[Extract Permissions]
B --> C[Classify Category]
C --> D[Calculate Permission Deviation]
B --> E[Check Developer Reputation]
B --> F[Validate Certificate]
D --> G[Risk Assessment Engine]
E --> G
F --> G
G --> H{Final Risk Score}
H --> I[Safe]
H --> J[Moderate Risk]
H --> K[High Risk]
Final Risk Score = (Permission Deviation × 0.5) + (Developer Reputation × 0.3) + (Certificate Trust × 0.2)
| Score Range | Classification | Action |
|---|---|---|
| 0.0 - 0.3 | Safe | Green indicator, no alert |
| 0.3 - 0.7 | Moderate Risk | Yellow indicator, warning |
| 0.7 - 1.0 | High Risk | Red indicator, strong warning |
┌─────────────────────────────────────────────────────────────┐
│ PRESENTATION LAYER │
│ ┌────────────────────┐ ┌─────────────────────┐ │
│ │ PermissionView.kt │ ◄─────► │ PermissionViewModel │ │
│ │ (Jetpack Compose) │ │ (State Management) │ │
│ └────────────────────┘ └─────────────────────┘ │
└─────────────────────────────────────────────────────────────┘
▼
┌─────────────────────────────────────────────────────────────┐
│ DOMAIN LAYER │
│ ┌──────────────────────────────────────────────────────┐ │
│ │ PermissionAnalysisRepository (Interface) │ │
│ └──────────────────────────────────────────────────────┘ │
│ ┌──────────────────────────────────────────────────────┐ │
│ │ Use Cases: │ │
│ │ • AnalyzeAppPermissions │ │
│ │ • GetRiskScore │ │
│ │ • GetPermissionsByCategory │ │
│ └──────────────────────────────────────────────────────┘ │
└─────────────────────────────────────────────────────────────┘
▼
┌─────────────────────────────────────────────────────────────┐
│ DATA LAYER │
│ ┌──────────────────────────────────────────────────────┐ │
│ │ PermissionAnalysisRepositoryImpl │ │
│ │ • Permission extraction │ │
│ │ • Category classification │ │
│ │ • Deviation scoring │ │
│ │ • Risk calculation │ │
│ └──────────────────────────────────────────────────────┘ │
│ ▼ ▼ ▼ │
│ ┌──────────────┐ ┌──────────────┐ ┌──────────────┐ │
│ │ Permission │ │ Developer │ │ Certificate │ │
│ │ Classifier │ │ Reputation │ │ Validator │ │
│ │ │ │ Checker │ │ │ │
│ └──────────────┘ └──────────────┘ └──────────────┘ │
└─────────────────────────────────────────────────────────────┘
▼
┌─────────────────────────────────────────────────────────────┐
│ PERSISTENCE LAYER │
│ ┌──────────────────────────────────────────────────────┐ │
│ │ Room Database: │ │
│ │ • CategoryPermissionDao - Category mappings │ │
│ │ • DeveloperReputationDao - Developer index │ │
│ │ • CertificateTrustDao - Certificate store │ │
│ │ • PermissionAnalysisDao - Analysis results │ │
│ └──────────────────────────────────────────────────────┘ │
└─────────────────────────────────────────────────────────────┘
File: app/src/main/java/com/droid/cybershield/data/local/entity/CategoryPermissionEntity.kt
@Entity(tableName = "category_permissions")
data class CategoryPermissionEntity(
@PrimaryKey(autoGenerate = true)
val id: Long = 0,
@ColumnInfo(name = "category")
val category: String, // e.g., "Social", "Finance", "Games"
@ColumnInfo(name = "permission")
val permission: String, // e.g., "android.permission.CAMERA"
@ColumnInfo(name = "frequency")
val frequency: Float, // 0.0 - 1.0 (percentage of apps in category with this permission)
@ColumnInfo(name = "is_common")
val isCommon: Boolean // true if frequency > 0.5
)File: app/src/main/java/com/droid/cybershield/data/local/entity/DeveloperReputationEntity.kt
@Entity(tableName = "developer_reputation")
data class DeveloperReputationEntity(
@PrimaryKey
@ColumnInfo(name = "developer_name")
val developerName: String,
@ColumnInfo(name = "trust_level")
val trustLevel: TrustLevel, // TRUSTED, NEUTRAL, FLAGGED
@ColumnInfo(name = "reputation_score")
val reputationScore: Float, // 0.0 (worst) - 1.0 (best)
@ColumnInfo(name = "notes")
val notes: String? // e.g., "Google LLC - Verified", "Known malware distributor"
)
enum class TrustLevel {
TRUSTED, // Google, Meta, Samsung, Microsoft, etc.
NEUTRAL, // Unknown developers
FLAGGED // Known policy violators
}File: app/src/main/java/com/droid/cybershield/data/local/entity/CertificateTrustEntity.kt
@Entity(tableName = "certificate_trust")
data class CertificateTrustEntity(
@PrimaryKey
@ColumnInfo(name = "certificate_hash")
val certificateHash: String, // SHA-256 hash of certificate
@ColumnInfo(name = "issuer")
val issuer: String,
@ColumnInfo(name = "subject")
val subject: String,
@ColumnInfo(name = "is_trusted")
val isTrusted: Boolean,
@ColumnInfo(name = "trust_score")
val trustScore: Float // 0.0 - 1.0
)File: app/src/main/java/com/droid/cybershield/data/local/entity/PermissionAnalysisEntity.kt
@Entity(tableName = "permission_analysis")
data class PermissionAnalysisEntity(
@PrimaryKey
@ColumnInfo(name = "package_name")
val packageName: String,
@ColumnInfo(name = "app_name")
val appName: String,
@ColumnInfo(name = "category")
val category: String,
@ColumnInfo(name = "permission_deviation_score")
val permissionDeviationScore: Float, // 0.0 - 1.0
@ColumnInfo(name = "developer_reputation_score")
val developerReputationScore: Float, // 0.0 - 1.0
@ColumnInfo(name = "certificate_trust_score")
val certificateTrustScore: Float, // 0.0 - 1.0
@ColumnInfo(name = "final_risk_score")
val finalRiskScore: Float, // 0.0 - 1.0
@ColumnInfo(name = "risk_level")
val riskLevel: RiskLevel,
@ColumnInfo(name = "suspicious_permissions")
val suspiciousPermissions: String, // JSON array of permission names
@ColumnInfo(name = "analyzed_at")
val analyzedAt: Long // Timestamp
)
enum class RiskLevel {
SAFE,
MODERATE,
HIGH
}File: app/src/main/java/com/droid/cybershield/data/local/dao/CategoryPermissionDao.kt
@Dao
interface CategoryPermissionDao {
@Query("SELECT * FROM category_permissions WHERE category = :category")
suspend fun getPermissionsByCategory(category: String): List<CategoryPermissionEntity>
@Query("SELECT DISTINCT category FROM category_permissions")
suspend fun getAllCategories(): List<String>
@Insert(onConflict = OnConflictStrategy.REPLACE)
suspend fun insertAll(permissions: List<CategoryPermissionEntity>)
@Query("SELECT frequency FROM category_permissions WHERE category = :category AND permission = :permission")
suspend fun getPermissionFrequency(category: String, permission: String): Float?
}File: app/src/main/java/com/droid/cybershield/data/local/dao/DeveloperReputationDao.kt
@Dao
interface DeveloperReputationDao {
@Query("SELECT * FROM developer_reputation WHERE developer_name = :developerName")
suspend fun getDeveloperReputation(developerName: String): DeveloperReputationEntity?
@Query("SELECT * FROM developer_reputation WHERE trust_level = :trustLevel")
suspend fun getDevelopersByTrustLevel(trustLevel: TrustLevel): List<DeveloperReputationEntity>
@Insert(onConflict = OnConflictStrategy.REPLACE)
suspend fun insertAll(developers: List<DeveloperReputationEntity>)
}File: app/src/main/java/com/droid/cybershield/data/local/dao/CertificateTrustDao.kt
@Dao
interface CertificateTrustDao {
@Query("SELECT * FROM certificate_trust WHERE certificate_hash = :hash")
suspend fun getCertificateTrust(hash: String): CertificateTrustEntity?
@Insert(onConflict = OnConflictStrategy.REPLACE)
suspend fun insertAll(certificates: List<CertificateTrustEntity>)
}File: app/src/main/java/com/droid/cybershield/data/local/dao/PermissionAnalysisDao.kt
@Dao
interface PermissionAnalysisDao {
@Query("SELECT * FROM permission_analysis WHERE package_name = :packageName")
suspend fun getAnalysis(packageName: String): PermissionAnalysisEntity?
@Query("SELECT * FROM permission_analysis WHERE risk_level = :riskLevel ORDER BY final_risk_score DESC")
suspend fun getAppsByRiskLevel(riskLevel: RiskLevel): List<PermissionAnalysisEntity>
@Query("SELECT * FROM permission_analysis ORDER BY final_risk_score DESC")
fun getAllAnalysesFlow(): Flow<List<PermissionAnalysisEntity>>
@Insert(onConflict = OnConflictStrategy.REPLACE)
suspend fun insertAnalysis(analysis: PermissionAnalysisEntity)
@Query("DELETE FROM permission_analysis WHERE package_name = :packageName")
suspend fun deleteAnalysis(packageName: String)
}File: app/src/main/java/com/droid/cybershield/data/local/CyberShieldDatabase.kt
Add new DAOs and entities to the database:
@Database(
entities = [
PhishingScanEntity::class,
MalwareCacheEntity::class,
CategoryPermissionEntity::class, // NEW
DeveloperReputationEntity::class, // NEW
CertificateTrustEntity::class, // NEW
PermissionAnalysisEntity::class // NEW
],
version = 2, // Increment version
exportSchema = false
)
abstract class CyberShieldDatabase : RoomDatabase() {
abstract fun phishingDao(): PhishingDao
abstract fun malwareDao(): MalwareDao
abstract fun categoryPermissionDao(): CategoryPermissionDao // NEW
abstract fun developerReputationDao(): DeveloperReputationDao // NEW
abstract fun certificateTrustDao(): CertificateTrustDao // NEW
abstract fun permissionAnalysisDao(): PermissionAnalysisDao // NEW
// ... existing code
}File: app/src/main/assets/category_permission_mapping.json
{
"categories": {
"Social": {
"common_permissions": [
"android.permission.INTERNET",
"android.permission.CAMERA",
"android.permission.READ_CONTACTS",
"android.permission.WRITE_EXTERNAL_STORAGE"
],
"permission_frequencies": {
"android.permission.INTERNET": 0.98,
"android.permission.CAMERA": 0.85,
"android.permission.READ_CONTACTS": 0.75,
"android.permission.RECORD_AUDIO": 0.60
}
},
"Finance": {
"common_permissions": [
"android.permission.INTERNET",
"android.permission.ACCESS_FINE_LOCATION"
],
"permission_frequencies": {
"android.permission.INTERNET": 1.0,
"android.permission.ACCESS_FINE_LOCATION": 0.40,
"android.permission.CAMERA": 0.30
}
},
"Games": {
"common_permissions": [
"android.permission.INTERNET",
"android.permission.ACCESS_NETWORK_STATE"
],
"permission_frequencies": {
"android.permission.INTERNET": 0.95,
"android.permission.ACCESS_NETWORK_STATE": 0.90,
"android.permission.VIBRATE": 0.70
}
},
"Utilities": {
"common_permissions": [
"android.permission.INTERNET"
],
"permission_frequencies": {
"android.permission.INTERNET": 0.60,
"android.permission.WRITE_EXTERNAL_STORAGE": 0.50
}
}
}
}File: app/src/main/assets/developer_reputation.json
{
"trusted_developers": [
{"name": "Google LLC", "score": 1.0},
{"name": "Meta Platforms, Inc.", "score": 0.95},
{"name": "Microsoft Corporation", "score": 0.95},
{"name": "Samsung Electronics Co., Ltd.", "score": 0.95},
{"name": "Apple Inc.", "score": 1.0},
{"name": "Amazon Mobile LLC", "score": 0.90}
],
"flagged_developers": [
{"name": "Example Malware Dev", "score": 0.1, "reason": "Known malware distributor"}
]
}File: app/src/main/java/com/droid/cybershield/core/permission/PermissionExtractor.kt
object PermissionExtractor {
/**
* Extract all permissions from an installed app
*/
fun extractPermissions(context: Context, packageName: String): List<String> {
return try {
val packageInfo = context.packageManager.getPackageInfo(
packageName,
PackageManager.GET_PERMISSIONS
)
packageInfo.requestedPermissions?.toList() ?: emptyList()
} catch (e: Exception) {
Log.e("PermissionExtractor", "Error extracting permissions for $packageName", e)
emptyList()
}
}
/**
* Get dangerous permissions only
*/
fun getDangerousPermissions(permissions: List<String>): List<String> {
return permissions.filter { isDangerousPermission(it) }
}
private fun isDangerousPermission(permission: String): Boolean {
return permission in DANGEROUS_PERMISSIONS
}
private val DANGEROUS_PERMISSIONS = setOf(
"android.permission.READ_CALENDAR",
"android.permission.WRITE_CALENDAR",
"android.permission.CAMERA",
"android.permission.READ_CONTACTS",
"android.permission.WRITE_CONTACTS",
"android.permission.GET_ACCOUNTS",
"android.permission.ACCESS_FINE_LOCATION",
"android.permission.ACCESS_COARSE_LOCATION",
"android.permission.RECORD_AUDIO",
"android.permission.READ_PHONE_STATE",
"android.permission.CALL_PHONE",
"android.permission.READ_CALL_LOG",
"android.permission.WRITE_CALL_LOG",
"android.permission.ADD_VOICEMAIL",
"android.permission.USE_SIP",
"android.permission.PROCESS_OUTGOING_CALLS",
"android.permission.BODY_SENSORS",
"android.permission.SEND_SMS",
"android.permission.RECEIVE_SMS",
"android.permission.READ_SMS",
"android.permission.RECEIVE_WAP_PUSH",
"android.permission.RECEIVE_MMS",
"android.permission.READ_EXTERNAL_STORAGE",
"android.permission.WRITE_EXTERNAL_STORAGE"
)
}File: app/src/main/java/com/droid/cybershield/core/permission/CategoryClassifier.kt
class CategoryClassifier(
private val categoryPermissionDao: CategoryPermissionDao
) {
/**
* Classify app into most likely category based on permissions
*/
suspend fun classifyApp(
packageName: String,
permissions: List<String>
): String {
val categories = categoryPermissionDao.getAllCategories()
var bestCategory = "Utilities" // Default
var highestScore = 0.0
for (category in categories) {
val categoryPermissions = categoryPermissionDao.getPermissionsByCategory(category)
val score = calculateCategoryScore(permissions, categoryPermissions)
if (score > highestScore) {
highestScore = score
bestCategory = category
}
}
return bestCategory
}
private fun calculateCategoryScore(
appPermissions: List<String>,
categoryPermissions: List<CategoryPermissionEntity>
): Double {
val categoryPermissionSet = categoryPermissions.map { it.permission }.toSet()
val matchCount = appPermissions.count { it in categoryPermissionSet }
return if (appPermissions.isEmpty()) 0.0
else matchCount.toDouble() / appPermissions.size
}
}File: app/src/main/java/com/droid/cybershield/core/permission/PermissionDeviationCalculator.kt
class PermissionDeviationCalculator(
private val categoryPermissionDao: CategoryPermissionDao
) {
/**
* Calculate how much app's permissions deviate from category norms
* Returns score 0.0 (normal) to 1.0 (highly abnormal)
*/
suspend fun calculateDeviation(
category: String,
appPermissions: List<String>
): Float {
val categoryPermissions = categoryPermissionDao.getPermissionsByCategory(category)
val categoryPermissionMap = categoryPermissions.associate {
it.permission to it.frequency
}
var deviationScore = 0f
var unusualPermissionCount = 0
for (permission in appPermissions) {
val frequency = categoryPermissionMap[permission]
when {
frequency == null -> {
// Permission not common in this category
deviationScore += 0.3f
unusualPermissionCount++
}
frequency < 0.1f -> {
// Very rare permission for this category
deviationScore += 0.2f
unusualPermissionCount++
}
frequency < 0.3f -> {
// Uncommon permission
deviationScore += 0.1f
}
// Common permissions (frequency >= 0.3) add no deviation
}
}
// Normalize score
val normalizedScore = if (appPermissions.isEmpty()) 0f
else (deviationScore / appPermissions.size).coerceIn(0f, 1f)
return normalizedScore
}
/**
* Get list of suspicious permissions (those that are unusual for the category)
*/
suspend fun getSuspiciousPermissions(
category: String,
appPermissions: List<String>
): List<String> {
val categoryPermissions = categoryPermissionDao.getPermissionsByCategory(category)
val categoryPermissionMap = categoryPermissions.associate {
it.permission to it.frequency
}
return appPermissions.filter { permission ->
val frequency = categoryPermissionMap[permission]
frequency == null || frequency < 0.2f
}
}
}File: app/src/main/java/com/droid/cybershield/core/permission/DeveloperReputationChecker.kt
class DeveloperReputationChecker(
private val developerReputationDao: DeveloperReputationDao
) {
/**
* Check developer reputation
* Returns score 0.0 (untrusted) to 1.0 (highly trusted)
*/
suspend fun checkReputation(context: Context, packageName: String): Float {
val developerName = getDeveloperName(context, packageName)
val reputation = developerReputationDao.getDeveloperReputation(developerName)
return when {
reputation != null -> reputation.reputationScore
else -> 0.5f // Neutral score for unknown developers
}
}
private fun getDeveloperName(context: Context, packageName: String): String {
return try {
val appInfo = context.packageManager.getApplicationInfo(packageName, 0)
val installerPackage = if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.R) {
context.packageManager.getInstallSourceInfo(packageName).installingPackageName
} else {
@Suppress("DEPRECATION")
context.packageManager.getInstallerPackageName(packageName)
}
// Try to get developer from installer or package name
installerPackage ?: packageName.split(".").getOrNull(0) ?: "Unknown"
} catch (e: Exception) {
"Unknown"
}
}
}File: app/src/main/java/com/droid/cybershield/core/permission/CertificateValidator.kt
class CertificateValidator(
private val certificateTrustDao: CertificateTrustDao
) {
/**
* Validate app certificate
* Returns score 0.0 (untrusted) to 1.0 (trusted)
*/
suspend fun validateCertificate(context: Context, packageName: String): Float {
val certificateHash = getCertificateHash(context, packageName)
if (certificateHash == null) {
return 0.3f // Low trust for apps without valid certificate
}
val trustInfo = certificateTrustDao.getCertificateTrust(certificateHash)
return when {
trustInfo != null -> trustInfo.trustScore
else -> 0.5f // Neutral score for unknown certificates
}
}
private fun getCertificateHash(context: Context, packageName: String): String? {
return try {
val packageInfo = if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
context.packageManager.getPackageInfo(
packageName,
PackageManager.GET_SIGNING_CERTIFICATES
)
} else {
@Suppress("DEPRECATION")
context.packageManager.getPackageInfo(
packageName,
PackageManager.GET_SIGNATURES
)
}
val signatures = if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
packageInfo.signingInfo?.apkContentsSigners
} else {
@Suppress("DEPRECATION")
packageInfo.signatures
}
signatures?.firstOrNull()?.let { signature ->
hashCertificate(signature.toByteArray())
}
} catch (e: Exception) {
Log.e("CertificateValidator", "Error getting certificate for $packageName", e)
null
}
}
private fun hashCertificate(certBytes: ByteArray): String {
val digest = java.security.MessageDigest.getInstance("SHA-256")
val hashBytes = digest.digest(certBytes)
return hashBytes.joinToString("") { "%02x".format(it) }
}
}File: app/src/main/java/com/droid/cybershield/core/permission/RiskAssessmentEngine.kt
object RiskAssessmentEngine {
// Weights for final score calculation
private const val PERMISSION_DEVIATION_WEIGHT = 0.5f
private const val DEVELOPER_REPUTATION_WEIGHT = 0.3f
private const val CERTIFICATE_TRUST_WEIGHT = 0.2f
/**
* Calculate final risk score
* Returns score 0.0 (safe) to 1.0 (high risk)
*/
fun calculateRiskScore(
permissionDeviationScore: Float,
developerReputationScore: Float,
certificateTrustScore: Float
): Float {
// Invert reputation and trust scores (higher is better, but we want higher risk score for worse apps)
val reputationRisk = 1f - developerReputationScore
val certificateRisk = 1f - certificateTrustScore
val finalScore = (
permissionDeviationScore * PERMISSION_DEVIATION_WEIGHT +
reputationRisk * DEVELOPER_REPUTATION_WEIGHT +
certificateRisk * CERTIFICATE_TRUST_WEIGHT
)
return finalScore.coerceIn(0f, 1f)
}
/**
* Classify risk level based on score
*/
fun classifyRiskLevel(score: Float): RiskLevel {
return when {
score < 0.3f -> RiskLevel.SAFE
score < 0.7f -> RiskLevel.MODERATE
else -> RiskLevel.HIGH
}
}
}File: app/src/main/java/com/droid/cybershield/domain/model/PermissionAnalysisResult.kt
data class PermissionAnalysisResult(
val packageName: String,
val appName: String,
val category: String,
val permissionDeviationScore: Float,
val developerReputationScore: Float,
val certificateTrustScore: Float,
val finalRiskScore: Float,
val riskLevel: RiskLevel,
val suspiciousPermissions: List<String>,
val totalPermissions: Int,
val dangerousPermissions: List<String>
)File: app/src/main/java/com/droid/cybershield/domain/repository/PermissionAnalysisRepository.kt
interface PermissionAnalysisRepository {
suspend fun analyzeApp(context: Context, packageName: String): PermissionAnalysisResult
suspend fun analyzeAllInstalledApps(context: Context): List<PermissionAnalysisResult>
suspend fun getAnalysis(packageName: String): PermissionAnalysisResult?
suspend fun getAppsByRiskLevel(riskLevel: RiskLevel): List<PermissionAnalysisResult>
fun getAllAnalysesFlow(): Flow<List<PermissionAnalysisResult>>
}File: app/src/main/java/com/droid/cybershield/data/repository/PermissionAnalysisRepositoryImpl.kt
class PermissionAnalysisRepositoryImpl @Inject constructor(
private val categoryPermissionDao: CategoryPermissionDao,
private val developerReputationDao: DeveloperReputationDao,
private val certificateTrustDao: CertificateTrustDao,
private val permissionAnalysisDao: PermissionAnalysisDao
) : PermissionAnalysisRepository {
private val categoryClassifier = CategoryClassifier(categoryPermissionDao)
private val deviationCalculator = PermissionDeviationCalculator(categoryPermissionDao)
private val reputationChecker = DeveloperReputationChecker(developerReputationDao)
private val certificateValidator = CertificateValidator(certificateTrustDao)
override suspend fun analyzeApp(
context: Context,
packageName: String
): PermissionAnalysisResult = withContext(Dispatchers.Default) {
// 1. Extract permissions
val permissions = PermissionExtractor.extractPermissions(context, packageName)
val dangerousPermissions = PermissionExtractor.getDangerousPermissions(permissions)
// 2. Classify category
val category = categoryClassifier.classifyApp(packageName, permissions)
// 3. Calculate permission deviation
val deviationScore = deviationCalculator.calculateDeviation(category, permissions)
val suspiciousPermissions = deviationCalculator.getSuspiciousPermissions(category, permissions)
// 4. Check developer reputation
val reputationScore = reputationChecker.checkReputation(context, packageName)
// 5. Validate certificate
val certificateScore = certificateValidator.validateCertificate(context, packageName)
// 6. Calculate final risk score
val finalScore = RiskAssessmentEngine.calculateRiskScore(
deviationScore,
reputationScore,
certificateScore
)
val riskLevel = RiskAssessmentEngine.classifyRiskLevel(finalScore)
// 7. Get app name
val appName = try {
val appInfo = context.packageManager.getApplicationInfo(packageName, 0)
context.packageManager.getApplicationLabel(appInfo).toString()
} catch (e: Exception) {
packageName
}
// 8. Create result
val result = PermissionAnalysisResult(
packageName = packageName,
appName = appName,
category = category,
permissionDeviationScore = deviationScore,
developerReputationScore = reputationScore,
certificateTrustScore = certificateScore,
finalRiskScore = finalScore,
riskLevel = riskLevel,
suspiciousPermissions = suspiciousPermissions,
totalPermissions = permissions.size,
dangerousPermissions = dangerousPermissions
)
// 9. Save to database
saveAnalysis(result)
result
}
override suspend fun analyzeAllInstalledApps(
context: Context
): List<PermissionAnalysisResult> = withContext(Dispatchers.Default) {
val packageManager = context.packageManager
val installedApps = packageManager.getInstalledApplications(PackageManager.GET_META_DATA)
installedApps.map { appInfo ->
analyzeApp(context, appInfo.packageName)
}
}
private suspend fun saveAnalysis(result: PermissionAnalysisResult) {
val entity = PermissionAnalysisEntity(
packageName = result.packageName,
appName = result.appName,
category = result.category,
permissionDeviationScore = result.permissionDeviationScore,
developerReputationScore = result.developerReputationScore,
certificateTrustScore = result.certificateTrustScore,
finalRiskScore = result.finalRiskScore,
riskLevel = result.riskLevel,
suspiciousPermissions = result.suspiciousPermissions.joinToString(","),
analyzedAt = System.currentTimeMillis()
)
permissionAnalysisDao.insertAnalysis(entity)
}
// ... other methods
}File: app/src/main/java/com/droid/cybershield/presentation/permission/PermissionAnalysisViewModel.kt
@HiltViewModel
class PermissionAnalysisViewModel @Inject constructor(
private val repository: PermissionAnalysisRepository
) : ViewModel() {
private val _analysisResults = MutableStateFlow<List<PermissionAnalysisResult>>(emptyList())
val analysisResults: StateFlow<List<PermissionAnalysisResult>> = _analysisResults.asStateFlow()
private val _isScanning = MutableStateFlow(false)
val isScanning: StateFlow<Boolean> = _isScanning.asStateFlow()
fun scanAllApps(context: Context) {
viewModelScope.launch {
_isScanning.value = true
try {
val results = repository.analyzeAllInstalledApps(context)
_analysisResults.value = results
} catch (e: Exception) {
Log.e("PermissionAnalysisVM", "Error scanning apps", e)
} finally {
_isScanning.value = false
}
}
}
fun getHighRiskApps(): List<PermissionAnalysisResult> {
return _analysisResults.value.filter { it.riskLevel == RiskLevel.HIGH }
}
}File: app/src/main/java/com/droid/cybershield/presentation/permission/PermissionAnalysisView.kt
@Composable
fun PermissionAnalysisView(
viewModel: PermissionAnalysisViewModel = hiltViewModel()
) {
val context = LocalContext.current
val analysisResults by viewModel.analysisResults.collectAsState()
val isScanning by viewModel.isScanning.collectAsState()
Column(modifier = Modifier.fillMaxSize()) {
// Header with scan button
Button(onClick = { viewModel.scanAllApps(context) }) {
Text(if (isScanning) "Scanning..." else "Scan All Apps")
}
// Results list
LazyColumn {
items(analysisResults) { result ->
PermissionAnalysisCard(result)
}
}
}
}
@Composable
fun PermissionAnalysisCard(result: PermissionAnalysisResult) {
Card(
modifier = Modifier.fillMaxWidth().padding(8.dp),
colors = CardDefaults.cardColors(
containerColor = when (result.riskLevel) {
RiskLevel.SAFE -> Color.Green.copy(alpha = 0.1f)
RiskLevel.MODERATE -> Color.Yellow.copy(alpha = 0.1f)
RiskLevel.HIGH -> Color.Red.copy(alpha = 0.1f)
}
)
) {
Column(modifier = Modifier.padding(16.dp)) {
Text(result.appName, style = MaterialTheme.typography.titleMedium)
Text("Category: ${result.category}")
Text("Risk: ${result.riskLevel}")
Text("Score: ${(result.finalRiskScore * 100).toInt()}%")
}
}
}File: app/src/test/java/com/droid/cybershield/core/permission/RiskAssessmentEngineTest.kt
# Run unit tests
./gradlew testTest Cases:
- Test risk score calculation with various inputs
- Test risk level classification boundaries
- Test permission deviation scoring
- Test category classification
File: app/src/androidTest/java/com/droid/cybershield/PermissionAnalysisIntegrationTest.kt
# Run integration tests
./gradlew connectedAndroidTestTest Cases:
- Test full analysis flow on real app
- Test database operations
- Test offline data loading
-
Install app on device
./gradlew installDebug
-
Navigate to Permission Analysis screen
- Open app
- Go to "Permission Analysis" tab
-
Scan installed apps
- Tap "Scan All Apps" button
- Verify progress indicator shows
- Wait for scan to complete
-
Verify results
- Check that apps are categorized correctly
- Verify risk levels make sense (e.g., system apps should be SAFE)
- Check that high-risk apps show suspicious permissions
-
Test specific scenarios:
- Install a flashlight app → Should be categorized as "Utilities"
- If it requests SMS/Camera → Should show HIGH risk
- Google apps → Should show SAFE (trusted developer)
| App Type | Expected Category | Expected Risk Level |
|---|---|---|
| Social | SAFE (trusted developer) | |
| Chrome | Utilities | SAFE (Google) |
| Flashlight with SMS permission | Utilities | HIGH (unusual permission) |
| Unknown game with many permissions | Games | MODERATE to HIGH |
app/src/main/
├── assets/
│ ├── category_permission_mapping.json (NEW)
│ └── developer_reputation.json (NEW)
├── java/com/droid/cybershield/
│ ├── core/
│ │ └── permission/
│ │ ├── PermissionExtractor.kt (NEW)
│ │ ├── CategoryClassifier.kt (NEW)
│ │ ├── PermissionDeviationCalculator.kt (NEW)
│ │ ├── DeveloperReputationChecker.kt (NEW)
│ │ ├── CertificateValidator.kt (NEW)
│ │ └── RiskAssessmentEngine.kt (NEW)
│ ├── data/
│ │ ├── local/
│ │ │ ├── entity/
│ │ │ │ ├── CategoryPermissionEntity.kt (NEW)
│ │ │ │ ├── DeveloperReputationEntity.kt (NEW)
│ │ │ │ ├── CertificateTrustEntity.kt (NEW)
│ │ │ │ └── PermissionAnalysisEntity.kt (NEW)
│ │ │ └── dao/
│ │ │ ├── CategoryPermissionDao.kt (NEW)
│ │ │ ├── DeveloperReputationDao.kt (NEW)
│ │ │ ├── CertificateTrustDao.kt (NEW)
│ │ │ └── PermissionAnalysisDao.kt (NEW)
│ │ └── repository/
│ │ └── PermissionAnalysisRepositoryImpl.kt (NEW)
│ ├── domain/
│ │ ├── model/
│ │ │ └── PermissionAnalysisResult.kt (NEW)
│ │ └── repository/
│ │ └── PermissionAnalysisRepository.kt (NEW)
│ └── presentation/
│ └── permission/
│ ├── PermissionAnalysisView.kt (NEW)
│ └── PermissionAnalysisViewModel.kt (NEW)
Total New Files: 22 files
Estimated Lines of Code: ~2,500 lines
- Review this implementation plan
- Prepare offline reference data (2000+ app dataset)
- Begin Phase 1 implementation
- Test incrementally after each phase
- Document findings and edge cases
Status: ✅ READY FOR IMPLEMENTATION