Abstract

With the expected development of the Internet of Things, in which all devices will be connected, mobile devices will play a greater role in providing personalized services and will store larger amounts of personal information. However, the number of malicious applications is also increasing, with the aim being to steal user personal information. Furthermore, given the open-market policies of Android and the distribution structure of the Google Play store, any application developer can readily distribute such applications. On the other hand, end users cannot easily determine whether an application is malicious or not. Therefore, we propose an Android application package (APK) Vulnerability Identification System (AVIS) that can identify malicious applications in advance using the Naïve Bayes classification scheme. To achieve this goal, AVIS builds a dataset by downloading sample applications and extracting their framework methods. To verify the accuracy of AVIS, we analyze sample applications. The APK vulnerability score determined by AVIS is expected to be used as a core metric for quantitatively evaluating the vulnerability of mobile applications.

Original languageEnglish (US)
Pages (from-to)1-16
Number of pages16
JournalMultimedia Tools and Applications
DOIs
StateAccepted/In press - May 5 2017

Keywords

  • Machine learning
  • Malware analysis
  • Mobile security

ASJC Scopus subject areas

  • Software
  • Media Technology
  • Hardware and Architecture
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Risk assessment of mobile applications based on machine learned malware dataset'. Together they form a unique fingerprint.

  • Cite this