Olukoya, O., Mackenzie, L. and Omoronyia, I. (2020) Towards using unstructured user input request for malware detection. Computers and Security, 93, 101783. (doi: 10.1016/j.cose.2020.101783)
Text: 211314.pdf - Accepted Version. Available under License Creative Commons Attribution Non-commercial No Derivatives. 1MB
Abstract
Privacy analysis techniques for mobile apps are mostly based on system-centric data originating from well-defined system API calls. But these apps may also collect sensitive information via their unstructured input sources that elude privacy analysis. The consequence is that users are unable to determine the extent to which apps may impact on their privacy when downloaded and installed on mobile devices. To this end, we present a privacy analysis framework for unstructured input. Our approach leverages app meta-data descriptions and a taxonomy of sensitive information to identify sensitive unstructured user input. The outcome is an understanding of the level of user privacy risk posed by an app based on its unstructured user input request. Subsequently, we evaluate the usefulness of the unstructured sensitive user input for malware detection. We evaluate our methods using 175K benign apps and 175K malware APKs. The outcome highlights that a malicious app detector built on unstructured sensitive user input achieves an average balanced accuracy of 0.996, demonstrated with Trojan-Banker and Trojan-SMS when the malware family and target applications are known, and a balanced accuracy of 0.70 with generic malware.
Item Type: | Articles |
---|---|
Status: | Published |
Refereed: | Yes |
Glasgow Author(s) Enlighten ID: | Omoronyia, Dr Inah and Mackenzie, Dr Lewis and Olukoya, Mr Oluwafemi |
Authors: | Olukoya, O., Mackenzie, L., and Omoronyia, I. |
College/School: | College of Science and Engineering > School of Computing Science |
Journal Name: | Computers and Security |
Publisher: | Elsevier |
ISSN: | 0167-4048 |
ISSN (Online): | 1872-6208 |
Published Online: | 29 February 2020 |
Copyright Holders: | Copyright © 2020 Elsevier |
First Published: | First published in Computers and Security 93:101783 |
Publisher Policy: | Reproduced in accordance with the copyright policy of the publisher |