Active Semi-supervised Approach for Checking App Behavior against its Description

Active Semi-supervised Approach for Checking App Behavior against its Description

Mobile applications are popular in recent years. They are often allowed to access and modify users' sensitive data. However, many mobile applications are malwares that inappropriately use these sensitive data. To detect these malwares, Gorla et al. Propose CHABADA which compares app behaviors a...

Full description

Saved in:
Bibliographic Details
Main Authors: MA SIQI, WANG, Shaowei, David LO, DENG, Robert H., SUN, Cong
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2015
Subjects:
App Mining
Malware Detection
Deviant Behavior Detection
Text Mining
Classification
Computer Sciences
Software Engineering
Online Access:https://ink.library.smu.edu.sg/sis_research/2885
https://ink.library.smu.edu.sg/context/sis_research/article/3885/viewcontent/compsac15_malware.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
Description
Summary:Mobile applications are popular in recent years. They are often allowed to access and modify users' sensitive data. However, many mobile applications are malwares that inappropriately use these sensitive data. To detect these malwares, Gorla et al. Propose CHABADA which compares app behaviors against its descriptions. Data about known malwares are not used in their work, which limits its effectiveness. In this work, we extend the work by Gorla et al. By proposing an active and semi-supervised approach for detecting malwares. Different from CHABADA, our approach will make use of both known benign and malicious apps to predict other malicious apps. Also, our approach will select a good set of apps for experts to label as malicious or benign to form a set of labeled training data -- it is an active approach. Furthermore, it will make use of both labeled data (known malicious or benign apps) and unlabeled data (unknown apps) -- it is a semi-supervised approach. We have evaluated our approach by using a set of 22,555 Android apps. Our approach achieves a good performance in detecting malicious apps with a precision of 99.82%, recall of 92.50%, and F-measure of 96.02%. Our approach improves CHABADA by 365.8%, 64.8%, 209.6% in terms of precision, recall, and F-measure.

Similar Items