VADER-RF: a novel scheme for protecting user privacy on android devices

IF 1.6 Q2 ENGINEERING, MULTIDISCIPLINARY
Manish Verma, Parma Nand
{"title":"VADER-RF: a novel scheme for protecting user privacy on android devices","authors":"Manish Verma, Parma Nand","doi":"10.1007/s13198-024-02461-1","DOIUrl":null,"url":null,"abstract":"<p>Android protects user privacy through its permission system and explains permission usage in privacy disclosure. Privacy disclosure often fails to predict app behavior accurately and leading to potential exploitation by malicious applications. To address this, we propose the VADER-RF technique, which combines VADER sentiment analysis with Random Forest machine learning to correlate privacy disclosures with app behavior. Our model analyzes privacy disclosure documents using sentiment analysis, extracting permissions from AndroidManifest.xml file, and explore the data flow analysis of Java files. These features were evaluated on Naive Bayes, SVM, Decision Tree and Random Forest machine learning models. The Random Forest model demonstrated superior performance with the highest accuracy (81.6%), precision (85.3%) and recall (89.4%). Kendall's Tau correlation coefficient is 0.54, which indicates that our model is moderate to strongly effective at predicting whether an app is malicious based on the selected features. Sentiment analysis significantly enhanced all models’ performance, underscoring the effectiveness of integrating sentiment analysis with traditional feature sets for advanced malware detection.</p>","PeriodicalId":14463,"journal":{"name":"International Journal of System Assurance Engineering and Management","volume":null,"pages":null},"PeriodicalIF":1.6000,"publicationDate":"2024-08-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of System Assurance Engineering and Management","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1007/s13198-024-02461-1","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"ENGINEERING, MULTIDISCIPLINARY","Score":null,"Total":0}
引用次数: 0

Abstract

Android protects user privacy through its permission system and explains permission usage in privacy disclosure. Privacy disclosure often fails to predict app behavior accurately and leading to potential exploitation by malicious applications. To address this, we propose the VADER-RF technique, which combines VADER sentiment analysis with Random Forest machine learning to correlate privacy disclosures with app behavior. Our model analyzes privacy disclosure documents using sentiment analysis, extracting permissions from AndroidManifest.xml file, and explore the data flow analysis of Java files. These features were evaluated on Naive Bayes, SVM, Decision Tree and Random Forest machine learning models. The Random Forest model demonstrated superior performance with the highest accuracy (81.6%), precision (85.3%) and recall (89.4%). Kendall's Tau correlation coefficient is 0.54, which indicates that our model is moderate to strongly effective at predicting whether an app is malicious based on the selected features. Sentiment analysis significantly enhanced all models’ performance, underscoring the effectiveness of integrating sentiment analysis with traditional feature sets for advanced malware detection.

Abstract Image

VADER-RF:在安卓设备上保护用户隐私的新方案
安卓通过权限系统保护用户隐私,并在隐私披露中解释权限的使用。隐私披露往往不能准确预测应用程序的行为,从而导致恶意应用程序的潜在利用。针对这一问题,我们提出了 VADER-RF 技术,该技术将 VADER 情感分析与随机森林机器学习相结合,将隐私披露与应用程序行为关联起来。我们的模型利用情感分析来分析隐私披露文件,从 AndroidManifest.xml 文件中提取权限,并探索 Java 文件的数据流分析。在 Naive Bayes、SVM、决策树和随机森林机器学习模型上对这些特征进行了评估。随机森林模型表现优异,准确率(81.6%)、精确率(85.3%)和召回率(89.4%)最高。Kendall's Tau 相关系数为 0.54,这表明我们的模型在根据所选特征预测应用程序是否为恶意应用程序方面具有中度到高度的有效性。情感分析大大提高了所有模型的性能,突出表明了将情感分析与传统特征集整合用于高级恶意软件检测的有效性。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
CiteScore
4.30
自引率
10.00%
发文量
252
期刊介绍: This Journal is established with a view to cater to increased awareness for high quality research in the seamless integration of heterogeneous technologies to formulate bankable solutions to the emergent complex engineering problems. Assurance engineering could be thought of as relating to the provision of higher confidence in the reliable and secure implementation of a system’s critical characteristic features through the espousal of a holistic approach by using a wide variety of cross disciplinary tools and techniques. Successful realization of sustainable and dependable products, systems and services involves an extensive adoption of Reliability, Quality, Safety and Risk related procedures for achieving high assurancelevels of performance; also pivotal are the management issues related to risk and uncertainty that govern the practical constraints encountered in their deployment. It is our intention to provide a platform for the modeling and analysis of large engineering systems, among the other aforementioned allied goals of systems assurance engineering, leading to the enforcement of performance enhancement measures. Achieving a fine balance between theory and practice is the primary focus. The Journal only publishes high quality papers that have passed the rigorous peer review procedure of an archival scientific Journal. The aim is an increasing number of submissions, wide circulation and a high impact factor.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信