TY - GEN
T1 - Methods to select features for android malware detection based on the protection level analysis
AU - Lee, Chaeeun
AU - Ko, Eunnarae
AU - Lee, Kyungho
N1 - Funding Information:
Acknowledgements. “This research was supported by the MSIT (Ministry of Science and ICT), Korea, under the ITRC (Information Technology Research Center) support program (IITP-2020-2015-0-00403) supervised by the IITP (Institute for Information &communications Technology Planning &Evaluation)” “This study was supported by a grant of the Korean Heath Technology R&D Project, Ministry of Health and Welfare, Republic of Korea. (HI19C0866)”
PY - 2020
Y1 - 2020
N2 - Android’s permission system is asked to users before installing applications. It is intended to warn users about the risks of the app installation and gives users opportunities to review the application’s permission requests and uninstall it if they find it threatening. However, not all android permissions ask for the user’s decision. Those who are defined as ‘Dangerous’ in the permission protection level are only being confirmed by the users in Android Google Market. We examine whether the ‘Dangerous permissions’ are actually being a main component of detection when it comes to defining the app as malicious or benign. To collect important features and to investigate the correlation between the malicious app and the permission’s protection level, feature selection and deep learning algorithms were used. The study evaluates the feature by using the confusion matrix. We used 10,818 numbers of malicious and benign applications, and 457 permission lists to investigate our examination, and it appeared that ‘Dangerous’ permissions may not be the only important factor, and we suggest a different perspective of viewing permissions.
AB - Android’s permission system is asked to users before installing applications. It is intended to warn users about the risks of the app installation and gives users opportunities to review the application’s permission requests and uninstall it if they find it threatening. However, not all android permissions ask for the user’s decision. Those who are defined as ‘Dangerous’ in the permission protection level are only being confirmed by the users in Android Google Market. We examine whether the ‘Dangerous permissions’ are actually being a main component of detection when it comes to defining the app as malicious or benign. To collect important features and to investigate the correlation between the malicious app and the permission’s protection level, feature selection and deep learning algorithms were used. The study evaluates the feature by using the confusion matrix. We used 10,818 numbers of malicious and benign applications, and 457 permission lists to investigate our examination, and it appeared that ‘Dangerous’ permissions may not be the only important factor, and we suggest a different perspective of viewing permissions.
KW - Android application
KW - Classification
KW - Deep learning
KW - Feature selection
KW - Malware detection
KW - Permission
KW - Protection level
UR - http://www.scopus.com/inward/record.url?scp=85098236306&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85098236306&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-65299-9_28
DO - 10.1007/978-3-030-65299-9_28
M3 - Conference contribution
AN - SCOPUS:85098236306
SN - 9783030652982
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 375
EP - 386
BT - Information Security Applications - 21st International Conference, WISA 2020, Revised Selected Papers
A2 - You, Ilsun
PB - Springer Science and Business Media Deutschland GmbH
T2 - 21st International Conference on Information Security Applications, WISA 2020
Y2 - 26 August 2020 through 28 August 2020
ER -