Analysis of Permission Selection Techniques in Machine Learning-based Malicious App Detection

2020 IEEE Third International Conference on Artificial Intelligence and Knowledge Engineering (AIKE) Pub Date : 2020-12-01 DOI:10.1109/AIKE48582.2020.00021

Jihyeon Park, Munyeong Kang, Seong-je Cho, Hyoil Han, Kyoungwon Suh

{"title":"Analysis of Permission Selection Techniques in Machine Learning-based Malicious App Detection","authors":"Jihyeon Park, Munyeong Kang, Seong-je Cho, Hyoil Han, Kyoungwon Suh","doi":"10.1109/AIKE48582.2020.00021","DOIUrl":null,"url":null,"abstract":"With the increasing popularity of the Android platform, we have seen the rapid growth of malicious Android applications recently. Considering that the heavy use of applications on mobile phones such as games, emails, and social network services has become a crucial part of our daily life, we have become more vulnerable to malicious applications running on mobile devices. To alleviate this hostile environment of Android mobile applications, we propose a malware detection approach that (1) extracts both built-in permissions and custom permissions requested by Android apps from their Manifest.xml and (2) applies the permissions and a Random Forest classifier to Android applications for classifying them into benign and malicious. The Random Forest classifier learns a model using the permissions to classify the input dataset of 45,311 Android applications. In the learned model, an optimal subset of permissions has been identified and then using the subset of permissions we could achieve 94.23% accuracy in detecting malware.","PeriodicalId":370671,"journal":{"name":"2020 IEEE Third International Conference on Artificial Intelligence and Knowledge Engineering (AIKE)","volume":"21 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE Third International Conference on Artificial Intelligence and Knowledge Engineering (AIKE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/AIKE48582.2020.00021","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 4

Abstract

With the increasing popularity of the Android platform, we have seen the rapid growth of malicious Android applications recently. Considering that the heavy use of applications on mobile phones such as games, emails, and social network services has become a crucial part of our daily life, we have become more vulnerable to malicious applications running on mobile devices. To alleviate this hostile environment of Android mobile applications, we propose a malware detection approach that (1) extracts both built-in permissions and custom permissions requested by Android apps from their Manifest.xml and (2) applies the permissions and a Random Forest classifier to Android applications for classifying them into benign and malicious. The Random Forest classifier learns a model using the permissions to classify the input dataset of 45,311 Android applications. In the learned model, an optimal subset of permissions has been identified and then using the subset of permissions we could achieve 94.23% accuracy in detecting malware.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

基于机器学习的恶意应用程序检测中的权限选择技术分析

随着Android平台的日益普及，我们也看到了恶意Android应用程序的快速增长。考虑到在手机上大量使用应用程序，如游戏，电子邮件和社交网络服务已经成为我们日常生活的重要组成部分，我们越来越容易受到移动设备上运行的恶意应用程序的攻击。为了缓解Android移动应用程序的这种敌对环境，我们提出了一种恶意软件检测方法:(1)从Android应用程序的Manifest.xml中提取内置权限和自定义权限，(2)将权限和随机森林分类器应用于Android应用程序，将其分为良性和恶意。随机森林分类器使用权限学习模型，对45,311个Android应用程序的输入数据集进行分类。在学习模型中，我们确定了一个最优的权限子集，并利用该子集对恶意软件进行检测，准确率达到94.23%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2020 IEEE Third International Conference on Artificial Intelligence and Knowledge Engineering (AIKE)

自引率

0.00%

发文量