ENGLISH
La vitrine de diffusion des publications et contributions des chercheurs de l'ÉTS
RECHERCHER

Deep-layer clustering to identify permission usage patterns of Android app categories

Namrud, Zakeya, Kpodjedo, Sègla, Bali, Ahmed et Talhi, Chamseddine. 2022. « Deep-layer clustering to identify permission usage patterns of Android app categories ». IEEE Access, vol. 10. pp. 24240-24254.
Compte des citations dans Scopus : 7.

[thumbnail of Talhi-C-2022-24100.pdf]
Prévisualisation
 PDF
Talhi-C-2022-24100.pdf - Version publiée
Licence d'utilisation : Creative Commons CC BY.
Télécharger (5MB) | Prévisualisation

Résumé

With the increasing usage of smartphones in banks, medical services and m-commerce, and the uploading of applications from unofficial sources, security has become a major concern for smartphone users. Malicious apps can steal passwords, leak details, and generally cause havoc with users’ accounts. Current anti-virus programs rely on static signatures that need to be changed periodically and cannot identify zero-day malware. The Android permission system is the central security mechanism that regulates the execution of application tasks. Although recent advances in research have provided various approaches and detection methods for finding malware apps, the available literature lacks a full analysis of this subject. We fill this gap by: 1) Systematically and automatically building a large dataset of malware and benign apps, which we have made available to the community. Our dataset has around 16K apps and 118 features. 2) We offer a novel approach for automatically identifying permission usage patterns, which are groupings of permissions that developers frequently utilise together. The approach combines SOM and K-means clustering algorithms to classify permissions according to app usage categories. The results demonstrate that the proposed methodology is able to detect most of the consistent and coherent permission usage patterns across a wide variety of application categories. To assess our strategy, we add the identified patterns as features to our dataset and then apply an SVM classifier for malware detection. Our results indicate that the identified patterns improve the performance of the classifier.

Type de document: Article publié dans une revue, révisé par les pairs
Professeur:
Professeur
Talhi, Chamseddine
Affiliation: Génie logiciel et des technologies de l'information
Date de dépôt: 22 mars 2022 20:39
Dernière modification: 23 juin 2022 13:14
URI: https://espace2.etsmtl.ca/id/eprint/24100

Actions (Authentification requise)

Dernière vérification avant le dépôt Dernière vérification avant le dépôt
Espace ÉTS version 2.0 Bibliothèque de l'École de technologie supérieure.