Conference Proceeding Article
Mobile applications are popular in recent years. They are often allowed to access and modify users' sensitive data. However, many mobile applications are malwares that inappropriately use these sensitive data. To detect these malwares, Gorla et al. Propose CHABADA which compares app behaviors against its descriptions. Data about known malwares are not used in their work, which limits its effectiveness. In this work, we extend the work by Gorla et al. By proposing an active and semi-supervised approach for detecting malwares. Different from CHABADA, our approach will make use of both known benign and malicious apps to predict other malicious apps. Also, our approach will select a good set of apps for experts to label as malicious or benign to form a set of labeled training data -- it is an active approach. Furthermore, it will make use of both labeled data (known malicious or benign apps) and unlabeled data (unknown apps) -- it is a semi-supervised approach. We have evaluated our approach by using a set of 22,555 Android apps. Our approach achieves a good performance in detecting malicious apps with a precision of 99.82%, recall of 92.50%, and F-measure of 96.02%. Our approach improves CHABADA by 365.8%, 64.8%, 209.6% in terms of precision, recall, and F-measure.
App Mining, Malware Detection, Deviant Behavior Detection, Text Mining, Classification
Computer Sciences | Software Engineering
Software and Cyber-Physical Systems
2015 IEEE 39th Annual Computers Software and Applications Conference (COMPSAC): 1-5 July 2015, Taichung, Taiwan: Proceedings
City or Country
MA SIQI; WANG, Shaowei; David LO; DENG, Robert H.; and SUN, Cong.
Active Semi-supervised Approach for Checking App Behavior against its Description. (2015). 2015 IEEE 39th Annual Computers Software and Applications Conference (COMPSAC): 1-5 July 2015, Taichung, Taiwan: Proceedings. 179-184. Research Collection School Of Information Systems.
Available at: http://ink.library.smu.edu.sg/sis_research/2885