A novel method to avoid malicious applications on Android

•

0 likes•295 views

The document discusses a method for classifying Android applications as malicious or clean using Maximum Severity Rating (MSR) classification. MSR calculates the permissions requested by an application and compares it to averages for malicious and clean applications to determine if it is above or below the averages. The method also enhances the permission agreement screen with improved visualization to help users make more informed decisions about granting permissions. The goal is to help non-technical users verify applications properly and reject actually malicious ones based on their permission requests.

Technology Education

Sangho Lee
School of IntegratedTechnology,
Yonsei University

 Introduction
 Maximum Severity Rating (MSR)
Classification
 EnhancedVisualization of Permission set
 Experimental results
 Limitation
 Conclusion
 Q & A

 Android is widely spreading among Smartphone users, its security
threats are also increasing immensely
 In permission model based OS, malicious applications can only
execute malfunctions with previously granted permissions
 Attackers require more permissions than what the normal
applications need.
 Example> accessing call log, sending SMS and reading contact
information
 Our method focuses especially on the procedure of permission
agreement, and concentrate to help the users verifying an
application properly with rejection of a malicious application.

 Maximum Severity Rating (MSR) classification
attempts to find malicious applications by examining
requested permissions.
 MSR classification calculates the permissions set of an
application to inform whether it is malicious or not to
the user
 Our method assists the users who do not have
sufficient knowledge about a permission-based
security model.
 The final decision to install an application is to be made by
a user

25
25
1

 i
i
xMR
xMRrMR
Avg , rMR is sample difference ratio
25
25
1

 i
i
xNR
xNRrNR
Avg , rNR is sample difference ratio
25
25
1

 i
i
xMR
xMRrMR
Avg , rMR is sample difference ratio
25
25
1

 i
i
xNR
xNRrNR
Avg , rNR is sample difference ratio

 An application is indicated as a malicious
application if average value of normal
application is less than malicious application
 Otherwise, it is recognized as a clean
application

 Enhanced visualization based on improved
user interface can lead the users more
cognitive to the risks
 A user interface of permission agreement
screen which is redesigned for enhancement
of the ratio to make the right decision

 Need more samples to conduct more
accurate experimental result.
 We used 2 clean / 1 malicious sample apps
 How to collect malicious app samples?

 Maximum Severity Rating(MSR) classification
to indicate a comprehensive assessment of
an application
 Enhanced visualization with redesign of a
permission-grant screen to assist an
improvement of right decisions from the
users

Similar to A novel method to avoid malicious applications on Android

Tech Report: On the Effectiveness of Malware Protection on Android

Fraunhofer AISEC

Effective risk communication for android apps

JPINFOTECH JAYAPRAKASH

Generating Risk Summary Risk Scores For Mobile Applications

Papitha Velumani

Improved cross-platform accessibility of a flagship application for world's l...

Mindtree Ltd.

IEEE ANDROID APPLICATION 2016 TITLE AND ABSTRACT

tsysglobalsolutions

Mandiant’s annual threat report reveals key insights, statistics and case studies illustrating how the tools and tactics of advanced targeted attackers, including the Advanced Persistent Threat (APT), have evolved over the last year. The report, based on hundreds of advanced threat investigations, also shares approaches that organizations can take to improve the way they detect, respond to, and contain complex breaches. For the latest M-Trends report, https://www.fireeye.com/mtrends

M-Trends® 2012: An Evolving Threat

FireEye, Inc.

Despite all attempts to prevent fraud, it continues to be a major threat to industry and government. In this paper, we present a fraud detection method which detects irregular frequency of transaction usage in an Enterprise Resource Planning (ERP) system. We discuss the design, development and empirical evaluation of outlier detection and distance measuring techniques to detect frequency-based anomalies within an individual user’s profile, relative to other similar users. Primarily, we propose three automated techniques: a univariate method, called Boxplot which is based on the sample’s median; and two multivariate methods which use Euclidean distance, for detecting transaction frequency anomalies within each transaction profile. The two multivariate approaches detect potentially fraudulent activities by identifying: (1) users where the Euclidean distance between their transaction-type set is above a certain threshold and (2) users/data points that lie far apart from other users/clusters or represent a small cluster size, using k-means clustering. The proposed methodology allows an auditor to investigate the transaction frequency anomalies and adjust the different parameters, such as the outlier threshold and the Euclidean distance threshold values to tune the number of alerts. The novelty of the proposed technique lies in its ability to automatically trigger alerts from transaction profiles, based on transaction usage performed over a period of time. Experiments were conducted using a real dataset obtained from the production client of a large organization using SAP R/3 (presently the most predominant ERP system), to run its business. The results of this empirical research demonstrate the effectiveness of the proposed approach.

Detecting Fraud Using Transaction Frequency Data

ITIIIndustries

Intelligence on the Intractable Problem of Software Security

Tyler Shields

In a post-perimeter world, organizations must rely on managed endpoint detection and response (MEDR) as a service from a managed security service provider to provide the first line of defense against a cyber attack.Yet, existing solutions require advanced expertise and time to use effectively. We have come up with Modern EDR that is built for speed for organizations of all sizes that values simplicitly and efficiency.

Managed End Point security

Mechsoft Technologies LLC

Predict Android ransomware using categorical classifiaction.pptx

laharisai03

Android Malware Detection

IRJET Journal

Veracode - Inglês

DeServ - Tecnologia e Servços

Android being a widely used mobile platform has witnessed an increase in the number of malicious samples on its market place. The availability of multiple sources for downloading applications has also contributed to users falling prey to malicious applications. Classification of an Android application as malicious or benign remains a challenge as malicious applications maneuver to pose themselves as benign. This paper presents an approach which extracts various features from Android Application Package file (APK) using static analysis and subsequently classifies using machine learning techniques. The contribution of this work includes deriving, extracting and analyzing crucial features of Android applications that aid in efficient classification. The analysis is carried out using various machine learning algorithms with both weighted and non-weighted approaches. It was observed that weighted approach depicts higher detection rates using fewer features. Random Forest algorithm exhibited high detection rate and shows the least false positive rate.

DROIDSWAN: Detecting Malicious Android Applications Based on Static Feature A...

csandit

IRJET- Secured Analysis of Android Applications using Permission Accessing Sy...

IRJET Journal

Permission Driven Malware Detection using Machine Learning

IRJET Journal

Network Detection & Response Services in India | Senselearner Senselearner offers top-notch Network Detection & Response Services in India to safeguard your organization against cyber threats. Our expert team uses advanced technologies and techniques to monitor your network for any suspicious activity, identify potential threats, and respond quickly to minimize damage. With Senselearner's NDR services, you can rest assured that your sensitive data and critical assets are protected round the clock. Our flexible and customizable solutions cater to the unique needs of your business, providing you with peace of mind and maximum security. Choose Senselearner for reliable and efficient NDR services and stay ahead of cybercriminals. Contact us today to learn more. For more information, Visit our website: https://senselearner.com/network-detection-response-ndr/

Network Detection & Response Services in India.pdf

Sense Learner Technologies Pvt Ltd

Permission based malware detection by using k means algorithm in Android OS

BRNSSPublicationHubI

Reduce, reclaim and recycle your software to deliver dramatic cost reductions

1E: Software Lifecycle Automation

Cybersecurity Best Practices for 3rd Party Supply Chain

Anthony Braddy

Cloud activ8 state of ransomware report_2021-dec

gusbarrett

Similar to A novel method to avoid malicious applications on Android (20)

Tech Report: On the Effectiveness of Malware Protection on Android

Effective risk communication for android apps

Generating Risk Summary Risk Scores For Mobile Applications

Improved cross-platform accessibility of a flagship application for world's l...

IEEE ANDROID APPLICATION 2016 TITLE AND ABSTRACT

M-Trends® 2012: An Evolving Threat

Detecting Fraud Using Transaction Frequency Data

Intelligence on the Intractable Problem of Software Security

Managed End Point security

Predict Android ransomware using categorical classifiaction.pptx

Android Malware Detection

Veracode - Inglês

DROIDSWAN: Detecting Malicious Android Applications Based on Static Feature A...

IRJET- Secured Analysis of Android Applications using Permission Accessing Sy...

Permission Driven Malware Detection using Machine Learning

Network Detection & Response Services in India.pdf

Permission based malware detection by using k means algorithm in Android OS

Reduce, reclaim and recycle your software to deliver dramatic cost reductions

Cybersecurity Best Practices for 3rd Party Supply Chain

Cloud activ8 state of ransomware report_2021-dec

Recently uploaded

Choosing the right accounts payable services provider is a strategic decision that can significantly impact your business's financial performance and operational efficiency. By considering factors such as expertise, range of services, technology infrastructure, scalability, cost, and reputation, businesses can make informed decisions and select a provider that aligns with their unique needs and objectives. Partnering with the right provider can streamline accounts payable processes, drive cost savings, and position your business for long-term success. https://katprotech.com/accounts-payable-and-purchase-order-automation/

Factors to Consider When Choosing Accounts Payable Services Providers.pptx

Katpro Technologies

Building Digital Trust in a Digital Economy Veronica Tan, Director - Cyber Security Agency of Singapore Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

apidays

Scaling API-first – The story of a global engineering organization

Radu Cotescu

Enterprise Knowledge’s Urmi Majumder, Principal Data Architecture Consultant, and Fernando Aguilar Islas, Senior Data Science Consultant, presented "Driving Behavioral Change for Information Management through Data-Driven Green Strategy" on March 27, 2024 at Enterprise Data World (EDW) in Orlando, Florida. In this presentation, Urmi and Fernando discussed a case study describing how the information management division in a large supply chain organization drove user behavior change through awareness of the carbon footprint of their duplicated and near-duplicated content, identified via advanced data analytics. Check out their presentation to gain valuable perspectives on utilizing data-driven strategies to influence positive behavioral shifts and support sustainability initiatives within your organization. In this session, participants gained answers to the following questions: - What is a Green Information Management (IM) Strategy, and why should you have one? - How can Artificial Intelligence (AI) and Machine Learning (ML) support your Green IM Strategy through content deduplication? - How can an organization use insights into their data to influence employee behavior for IM? - How can you reap additional benefits from content reduction that go beyond Green IM?

Driving Behavioral Change for Information Management through Data-Driven Gree...

Enterprise Knowledge

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

The Digital Insurer

Discord is a free app offering voice, video, and text chat functionalities, primarily catering to the gaming community. It serves as a hub for users to create and join servers tailored to their interests. Discord’s ecosystem comprises servers, each functioning as a distinct online community with its own channels dedicated to specific topics or activities. Users can engage in text-based discussions, voice calls, or video chats within these channels. Understanding Discord Servers Discord servers are virtual spaces where users congregate to interact, share content, and build communities. Servers may revolve around gaming, hobbies, interests, or fandoms, providing a platform for like-minded individuals to connect. Communication Features Discord offers a range of communication tools, including text channels for messaging, voice channels for real-time audio conversations, and video channels for face-to-face interactions. These features facilitate seamless communication and collaboration. What Does NSFW Mean? The acronym NSFW stands for “Not Safe For Work,” indicating content that may be inappropriate for professional or public settings. NSFW Content NSFW content encompasses material that is sexually explicit, violent, or otherwise graphic in nature. It often includes nudity, profanity, or depictions of sensitive topics.

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

UK Journal

Axa Assurance Maroc - Insurer Innovation Award 2024

The Digital Insurer

The presentation explores the development and application of artificial intelligence (AI) from its inception to its current status in the modern world. The term "artificial intelligence" was first coined by John McCarthy in 1956 to describe efforts to develop computer programs capable of performing tasks that typically require human intelligence. This concept was first introduced at a conference held at Dartmouth College, where programs demonstrated capabilities such as playing chess, proving theorems, and interpreting texts. In the early stages, Alan Turing contributed to the field by defining intelligence as the ability of a being to respond to certain questions intelligently, proposing what is now known as the Turing Test to evaluate the presence of intelligent behavior in machines. As the decades progressed, AI evolved significantly. The 1980s focused on machine learning, teaching computers to learn from data, leading to the development of models that could improve their performance based on their experiences. The 1990s and 2000s saw further advances in algorithms and computational power, which allowed for more sophisticated data analysis techniques, including data mining. By the 2010s, the proliferation of big data and the refinement of deep learning techniques enabled AI to become mainstream. Notable milestones included the success of Google's AlphaGo and advancements in autonomous vehicles by companies like Tesla and Waymo. A major theme of the presentation is the application of generative AI, which has been used for tasks such as natural language text generation, translation, and question answering. Generative AI uses large datasets to train models that can then produce new, coherent pieces of text or other media. The presentation also discusses the ethical implications and the need for regulation in AI, highlighting issues such as privacy, bias, and the potential for misuse. These concerns have prompted calls for comprehensive regulations to ensure the safe and equitable use of AI technologies. Artificial intelligence has also played a significant role in healthcare, particularly highlighted during the COVID-19 pandemic, where it was used in drug discovery, vaccine development, and analyzing the spread of the virus. The capabilities of AI in healthcare are vast, ranging from medical diagnostics to personalized medicine, demonstrating the technology's potential to revolutionize fields beyond just technical or consumer applications. In conclusion, AI continues to be a rapidly evolving field with significant implications for various aspects of society. The development from theoretical concepts to real-world applications illustrates both the potential benefits and the challenges that come with integrating advanced technologies into everyday life. The ongoing discussion about AI ethics and regulation underscores the importance of managing these technologies responsibly to maximize their their benefits while minimizing potential harms.

Artificial Intelligence: Facts and Myths

Joaquim Jorge

Slack Application Development 101 Slides

praypatel2

In this session, we will delve into strategic approaches for optimizing knowledge management within Microsoft 365, amidst the evolving landscape of Copilot. From leveraging automatic metadata classification and permission governance with SharePoint Premium, to unlocking Viva Engage for the cultivation of knowledge and communities, you will gain actionable insights to bolster your organization's knowledge-sharing initiatives. In this session, we will also explore how to facilitate solutions to enable your employees to find answers and expertise within Microsoft 365. You will leave equipped with practical techniques and a deeper understanding of how there is more to effective knowledge management than just enabling Copilot, but building actual solutions to prepare the knowledge that Copilot and your employees can use.

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Drew Madelung

In an era where artificial intelligence (AI) stands at the forefront of business innovation, Information Architecture (IA) is at the core of functionality. See “There’s No AI Without IA” – (from 2016 but even more relevant today) Understanding and leveraging how Information Architecture (IA) supports AI synergies between knowledge engineering and prompt engineering is critical for senior leaders looking to successfully deploy AI for internal and externally facing knowledge processes. This webinar be a high-level overview of the methodologies that can elevate AI-driven knowledge processes supporting both employees and customers. Core Insights Include: Strategic Knowledge Engineering: Delve into how structuring AI's knowledge base is required to prevent hallucinations, enable contextual retrieval of accurate information. This will include discussion of gold standard libraries of use cases support testing various LLMs and structures and configurations of knowledge base. Precision in Prompt Engineering: Learn the art of crafting prompts that direct AI to deliver targeted, relevant responses, thereby optimizing customer experiences and business outcomes. Unified Approach for Enhanced AI Performance: Explore the intersection of knowledge and prompt engineering to develop AI systems that are not only more responsive but also aligned with overarching business strategies. Guiding Principles for Implementation: Equip yourself with best practices, ethical guidelines, and strategic considerations for embedding these technologies into your business ecosystem effectively. This webinar is designed to empower business and technology leaders with the knowledge to harness the full potential of AI, ensuring their organizations not only keep pace with digital transformation but lead the charge. Join us to map a roadmap to fully leverage Information Architecture (IA) and AI chart a course towards a future where AI is a key pillar of strategic innovation and business success.

EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx

Earley Information Science

Advantages of Hiring UIUX Design Service Providers for Your Business

Pixlogix Infotech

Explore 'The Codex of Business: Writing Software for Real-World Solutions,' a compelling SlideShare presentation that delves into digital transformation in healthcare. Discover through a detailed case study how Agile methodologies empower healthcare providers to develop, iterate, and refine digital solutions that address real-world challenges. Learn how strategic planning, user feedback, and continuous improvement drive success in deploying technologies that enhance patient care and operational efficiency. Ideal for healthcare professionals, IT specialists, and digital transformation advocates seeking actionable insights and practical examples of technology making a real difference.

The Codex of Business Writing Software for Real-World Solutions 2.pptx

Malak Abu Hammad

CNv6 Instructor Chapter 6 Quality of Service

giselly40

How to convert PDF to text with Nanonets

naman860154

MySQL Webinar, presented on the 25th of April, 2024. Summary: MySQL solutions enable the deployment of diverse Database Architectures tailored to specific needs, including High Availability, Disaster Recovery, and Read Scale-Out. With MySQL Shell's AdminAPI, administrators can seamlessly set up, manage, and monitor these solutions, ensuring efficiency and ease of use in their administration. MySQL Router, on the other hand, provides transparent routing from the application traffic to the backend servers in the architectures, requiring minimal configuration. Completely built in-house and supported by Oracle, these solutions have been adopted by enterprises of all sizes for their business-critical applications. In this presentation, we'll delve into various database architecture solutions to help you choose the right one based on your business requirements. Focusing on technical details and the latest features to maximize the potential of these solutions.

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...

Miguel Araújo

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...

Neo4j

Automating Google Workspace (GWS) & more with Apps Script

wesley chun

Boost Fertility New Invention Ups Success Rates.pdf

sudhanshuwaghmare1

The 7 Things I Know About Cyber Security After 25 Years | April 2024

Rafal Los

Recently uploaded (20)

Factors to Consider When Choosing Accounts Payable Services Providers.pptx

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

Scaling API-first – The story of a global engineering organization

Driving Behavioral Change for Information Management through Data-Driven Gree...

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

Axa Assurance Maroc - Insurer Innovation Award 2024

Artificial Intelligence: Facts and Myths

Slack Application Development 101 Slides

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx

Advantages of Hiring UIUX Design Service Providers for Your Business

The Codex of Business Writing Software for Real-World Solutions 2.pptx

CNv6 Instructor Chapter 6 Quality of Service

How to convert PDF to text with Nanonets

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...

Automating Google Workspace (GWS) & more with Apps Script

Boost Fertility New Invention Ups Success Rates.pdf

The 7 Things I Know About Cyber Security After 25 Years | April 2024

A novel method to avoid malicious applications on Android

1. Sangho Lee School of IntegratedTechnology, Yonsei University

2.  Introduction  Maximum Severity Rating (MSR) Classification  EnhancedVisualization of Permission set  Experimental results  Limitation  Conclusion  Q & A

3.  Android is widely spreading among Smartphone users, its security threats are also increasing immensely  In permission model based OS, malicious applications can only execute malfunctions with previously granted permissions  Attackers require more permissions than what the normal applications need.  Example> accessing call log, sending SMS and reading contact information  Our method focuses especially on the procedure of permission agreement, and concentrate to help the users verifying an application properly with rejection of a malicious application.

5.  Maximum Severity Rating (MSR) classification attempts to find malicious applications by examining requested permissions.  MSR classification calculates the permissions set of an application to inform whether it is malicious or not to the user  Our method assists the users who do not have sufficient knowledge about a permission-based security model.  The final decision to install an application is to be made by a user

6. 25 25 1   i i xMR xMRrMR Avg , rMR is sample difference ratio 25 25 1   i i xNR xNRrNR Avg , rNR is sample difference ratio 25 25 1   i i xMR xMRrMR Avg , rMR is sample difference ratio 25 25 1   i i xNR xNRrNR Avg , rNR is sample difference ratio

7. 25 25 1   i i xMR xMRrMR Avg , rMR is sample difference ratio 25 25 1   i i xNR xNRrNR Avg , rNR is sample difference ratio 25 25 1   i i xMR xMRrMR Avg , rMR is sample difference ratio 25 25 1   i i xNR xNRrNR Avg , rNR is sample difference ratio

8. 25 25 1   i i xMR xMRrMR Avg , rMR is sample difference ratio 25 25 1   i i xNR xNRrNR Avg , rNR is sample difference ratio 25 25 1   i i xMR xMRrMR Avg , rMR is sample difference ratio 25 25 1   i i xNR xNRrNR Avg , rNR is sample difference ratio

9.  An application is indicated as a malicious application if average value of normal application is less than malicious application  Otherwise, it is recognized as a clean application

10.  Enhanced visualization based on improved user interface can lead the users more cognitive to the risks  A user interface of permission agreement screen which is redesigned for enhancement of the ratio to make the right decision

11. Clean Malicious

12.  Need more samples to conduct more accurate experimental result.  We used 2 clean / 1 malicious sample apps  How to collect malicious app samples?

13.  Maximum Severity Rating(MSR) classification to indicate a comprehensive assessment of an application  Enhanced visualization with redesign of a permission-grant screen to assist an improvement of right decisions from the users

A novel method to avoid malicious applications on Android

Recommended

Recommended

More Related Content

Similar to A novel method to avoid malicious applications on Android

Similar to A novel method to avoid malicious applications on Android (20)

Recently uploaded

Recently uploaded (20)

A novel method to avoid malicious applications on Android