Publication Type

Conference Proceeding Article

Version

acceptedVersion

Publication Date

7-2015

Abstract

Mobile applications are popular in recent years. They are often allowed to access and modify users' sensitive data. However, many mobile applications are malwares that inappropriately use these sensitive data. To detect these malwares, Gorla et al. Propose CHABADA which compares app behaviors against its descriptions. Data about known malwares are not used in their work, which limits its effectiveness. In this work, we extend the work by Gorla et al. By proposing an active and semi-supervised approach for detecting malwares. Different from CHABADA, our approach will make use of both known benign and malicious apps to predict other malicious apps. Also, our approach will select a good set of apps for experts to label as malicious or benign to form a set of labeled training data -- it is an active approach. Furthermore, it will make use of both labeled data (known malicious or benign apps) and unlabeled data (unknown apps) -- it is a semi-supervised approach. We have evaluated our approach by using a set of 22,555 Android apps. Our approach achieves a good performance in detecting malicious apps with a precision of 99.82%, recall of 92.50%, and F-measure of 96.02%. Our approach improves CHABADA by 365.8%, 64.8%, 209.6% in terms of precision, recall, and F-measure.

Keywords

App Mining, Malware Detection, Deviant Behavior Detection, Text Mining, Classification

Discipline

Computer Sciences | Information Security | Software Engineering

Research Areas

Software and Cyber-Physical Systems

Publication

2015 IEEE 39th Annual Computers Software and Applications Conference (COMPSAC): 1-5 July 2015, Taichung, Taiwan: Proceedings

First Page

179

Last Page

184

ISBN

9781467365659

Identifier

10.1109/COMPSAC.2015.93

Publisher

IEEE

City or Country

Piscataway, NJ

Copyright Owner and License

Authors

Additional URL

https://doi.org/10.1109/COMPSAC.2015.93

Download

Share

COinS