TY - GEN
T1 - Android Application Risk Indicator Based on Feature Analysis Utilizing Machine Learning
AU - Baek, Hyochang
AU - Joo, Minhee
AU - Park, Won
AU - You, Youngin
AU - Lee, Kyungho
N1 - Funding Information:
This work was supported by the Institute for Information communications Technology Promotion(IITP) grant funded by the Korea government(MSIT) (No.2017-0-01853, Machine Learning based Intelligent Malware Analysis Platform)
Publisher Copyright:
© 2019 IEEE.
PY - 2019/3/18
Y1 - 2019/3/18
N2 - As the penetration rate of smart mobile devices has increased, threats targeting the Android platform, which accounts for the majority of mobile operating systems, have increased. As a typical example, a fake Korea Financial Supervisory Service application(app) appeared at the end of 2017. When users installed this app and called the Financial Supervisory Service, there was a case of fake loan consultation, which resulted in financial loss and leakage of personal information. There have been a variety of malicious apps targeting mobile devices. As a result, it became necessary to detect the risks to such malicious apps and to make decisions about the apps. In this paper, we created a model to evaluate the risk of apps in Android and define the characteristics of each element. In addition, the risk from the model is used to make a risk map for decision making using unsupervised algorithms. To make the risk map in this paper uses the data of 2970 apps that is malicious or benign. As a result of the experiment, some of the benign apps were classified as very high risk. They had a lot of high-risk permissions, and there was a need for users to be careful. The results of this study can help users know the exact risk of Android apps and help detect unknown malicious apps.
AB - As the penetration rate of smart mobile devices has increased, threats targeting the Android platform, which accounts for the majority of mobile operating systems, have increased. As a typical example, a fake Korea Financial Supervisory Service application(app) appeared at the end of 2017. When users installed this app and called the Financial Supervisory Service, there was a case of fake loan consultation, which resulted in financial loss and leakage of personal information. There have been a variety of malicious apps targeting mobile devices. As a result, it became necessary to detect the risks to such malicious apps and to make decisions about the apps. In this paper, we created a model to evaluate the risk of apps in Android and define the characteristics of each element. In addition, the risk from the model is used to make a risk map for decision making using unsupervised algorithms. To make the risk map in this paper uses the data of 2970 apps that is malicious or benign. As a result of the experiment, some of the benign apps were classified as very high risk. They had a lot of high-risk permissions, and there was a need for users to be careful. The results of this study can help users know the exact risk of Android apps and help detect unknown malicious apps.
KW - Android application
KW - FAIR model
KW - Risk assessment
UR - http://www.scopus.com/inward/record.url?scp=85063912856&partnerID=8YFLogxK
U2 - 10.1109/PlatCon.2019.8669424
DO - 10.1109/PlatCon.2019.8669424
M3 - Conference contribution
AN - SCOPUS:85063912856
T3 - 2019 International Conference on Platform Technology and Service, PlatCon 2019 - Proceedings
BT - 2019 International Conference on Platform Technology and Service, PlatCon 2019 - Proceedings
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 6th International Conference on Platform Technology and Service, PlatCon 2019
Y2 - 28 January 2019 through 30 January 2019
ER -