Methods to select features for android malware detection based on the protection level analysis

Chaeeun Lee, Eunnarae Ko, Kyungho Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Android’s permission system is asked to users before installing applications. It is intended to warn users about the risks of the app installation and gives users opportunities to review the application’s permission requests and uninstall it if they find it threatening. However, not all android permissions ask for the user’s decision. Those who are defined as ‘Dangerous’ in the permission protection level are only being confirmed by the users in Android Google Market. We examine whether the ‘Dangerous permissions’ are actually being a main component of detection when it comes to defining the app as malicious or benign. To collect important features and to investigate the correlation between the malicious app and the permission’s protection level, feature selection and deep learning algorithms were used. The study evaluates the feature by using the confusion matrix. We used 10,818 numbers of malicious and benign applications, and 457 permission lists to investigate our examination, and it appeared that ‘Dangerous’ permissions may not be the only important factor, and we suggest a different perspective of viewing permissions.

Original languageEnglish
Title of host publicationInformation Security Applications - 21st International Conference, WISA 2020, Revised Selected Papers
EditorsIlsun You
PublisherSpringer Science and Business Media Deutschland GmbH
Pages375-386
Number of pages12
ISBN (Print)9783030652982
DOIs
Publication statusPublished - 2020
Event21st International Conference on Information Security Applications, WISA 2020 - Jeju Island, Korea, Republic of
Duration: 2020 Aug 262020 Aug 28

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume12583 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference21st International Conference on Information Security Applications, WISA 2020
CountryKorea, Republic of
CityJeju Island
Period20/8/2620/8/28

Keywords

  • Android application
  • Classification
  • Deep learning
  • Feature selection
  • Malware detection
  • Permission
  • Protection level

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'Methods to select features for android malware detection based on the protection level analysis'. Together they form a unique fingerprint.

Cite this