Abstract

With the expected development of the Internet of Things, in which all devices will be connected, mobile devices will play a greater role in providing personalized services and will store larger amounts of personal information. However, the number of malicious applications is also increasing, with the aim being to steal user personal information. Furthermore, given the open-market policies of Android and the distribution structure of the Google Play store, any application developer can readily distribute such applications. On the other hand, end users cannot easily determine whether an application is malicious or not. Therefore, we propose an Android application package (APK) Vulnerability Identification System (AVIS) that can identify malicious applications in advance using the Naïve Bayes classification scheme. To achieve this goal, AVIS builds a dataset by downloading sample applications and extracting their framework methods. To verify the accuracy of AVIS, we analyze sample applications. The APK vulnerability score determined by AVIS is expected to be used as a core metric for quantitatively evaluating the vulnerability of mobile applications.

Original languageEnglish (US)
Pages (from-to)1-16
Number of pages16
JournalMultimedia Tools and Applications
DOIs
StateAccepted/In press - May 5 2017

Fingerprint

Risk assessment
Identification (control systems)
Malware
Mobile devices

Keywords

  • Machine learning
  • Malware analysis
  • Mobile security

ASJC Scopus subject areas

  • Software
  • Media Technology
  • Hardware and Architecture
  • Computer Networks and Communications

Cite this

Risk assessment of mobile applications based on machine learned malware dataset. / Kim, Hyunki; Cho, Taejoo; Ahn, Gail-Joon; Hyun Yi, Jeong.

In: Multimedia Tools and Applications, 05.05.2017, p. 1-16.

Research output: Contribution to journalArticle

@article{b277846e461d4fc1ab309b7ca0d68cf9,
title = "Risk assessment of mobile applications based on machine learned malware dataset",
abstract = "With the expected development of the Internet of Things, in which all devices will be connected, mobile devices will play a greater role in providing personalized services and will store larger amounts of personal information. However, the number of malicious applications is also increasing, with the aim being to steal user personal information. Furthermore, given the open-market policies of Android and the distribution structure of the Google Play store, any application developer can readily distribute such applications. On the other hand, end users cannot easily determine whether an application is malicious or not. Therefore, we propose an Android application package (APK) Vulnerability Identification System (AVIS) that can identify malicious applications in advance using the Na{\"i}ve Bayes classification scheme. To achieve this goal, AVIS builds a dataset by downloading sample applications and extracting their framework methods. To verify the accuracy of AVIS, we analyze sample applications. The APK vulnerability score determined by AVIS is expected to be used as a core metric for quantitatively evaluating the vulnerability of mobile applications.",
keywords = "Machine learning, Malware analysis, Mobile security",
author = "Hyunki Kim and Taejoo Cho and Gail-Joon Ahn and {Hyun Yi}, Jeong",
year = "2017",
month = "5",
day = "5",
doi = "10.1007/s11042-017-4756-0",
language = "English (US)",
pages = "1--16",
journal = "Multimedia Tools and Applications",
issn = "1380-7501",
publisher = "Springer Netherlands",

}

TY - JOUR

T1 - Risk assessment of mobile applications based on machine learned malware dataset

AU - Kim, Hyunki

AU - Cho, Taejoo

AU - Ahn, Gail-Joon

AU - Hyun Yi, Jeong

PY - 2017/5/5

Y1 - 2017/5/5

N2 - With the expected development of the Internet of Things, in which all devices will be connected, mobile devices will play a greater role in providing personalized services and will store larger amounts of personal information. However, the number of malicious applications is also increasing, with the aim being to steal user personal information. Furthermore, given the open-market policies of Android and the distribution structure of the Google Play store, any application developer can readily distribute such applications. On the other hand, end users cannot easily determine whether an application is malicious or not. Therefore, we propose an Android application package (APK) Vulnerability Identification System (AVIS) that can identify malicious applications in advance using the Naïve Bayes classification scheme. To achieve this goal, AVIS builds a dataset by downloading sample applications and extracting their framework methods. To verify the accuracy of AVIS, we analyze sample applications. The APK vulnerability score determined by AVIS is expected to be used as a core metric for quantitatively evaluating the vulnerability of mobile applications.

AB - With the expected development of the Internet of Things, in which all devices will be connected, mobile devices will play a greater role in providing personalized services and will store larger amounts of personal information. However, the number of malicious applications is also increasing, with the aim being to steal user personal information. Furthermore, given the open-market policies of Android and the distribution structure of the Google Play store, any application developer can readily distribute such applications. On the other hand, end users cannot easily determine whether an application is malicious or not. Therefore, we propose an Android application package (APK) Vulnerability Identification System (AVIS) that can identify malicious applications in advance using the Naïve Bayes classification scheme. To achieve this goal, AVIS builds a dataset by downloading sample applications and extracting their framework methods. To verify the accuracy of AVIS, we analyze sample applications. The APK vulnerability score determined by AVIS is expected to be used as a core metric for quantitatively evaluating the vulnerability of mobile applications.

KW - Machine learning

KW - Malware analysis

KW - Mobile security

UR - http://www.scopus.com/inward/record.url?scp=85018771743&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85018771743&partnerID=8YFLogxK

U2 - 10.1007/s11042-017-4756-0

DO - 10.1007/s11042-017-4756-0

M3 - Article

SP - 1

EP - 16

JO - Multimedia Tools and Applications

JF - Multimedia Tools and Applications

SN - 1380-7501

ER -