{"title":"VADER-RF: a novel scheme for protecting user privacy on android devices","authors":"Manish Verma, Parma Nand","doi":"10.1007/s13198-024-02461-1","DOIUrl":null,"url":null,"abstract":"<p>Android protects user privacy through its permission system and explains permission usage in privacy disclosure. Privacy disclosure often fails to predict app behavior accurately and leading to potential exploitation by malicious applications. To address this, we propose the VADER-RF technique, which combines VADER sentiment analysis with Random Forest machine learning to correlate privacy disclosures with app behavior. Our model analyzes privacy disclosure documents using sentiment analysis, extracting permissions from AndroidManifest.xml file, and explore the data flow analysis of Java files. These features were evaluated on Naive Bayes, SVM, Decision Tree and Random Forest machine learning models. The Random Forest model demonstrated superior performance with the highest accuracy (81.6%), precision (85.3%) and recall (89.4%). Kendall's Tau correlation coefficient is 0.54, which indicates that our model is moderate to strongly effective at predicting whether an app is malicious based on the selected features. Sentiment analysis significantly enhanced all models’ performance, underscoring the effectiveness of integrating sentiment analysis with traditional feature sets for advanced malware detection.</p>","PeriodicalId":14463,"journal":{"name":"International Journal of System Assurance Engineering and Management","volume":null,"pages":null},"PeriodicalIF":1.6000,"publicationDate":"2024-08-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of System Assurance Engineering and Management","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1007/s13198-024-02461-1","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"ENGINEERING, MULTIDISCIPLINARY","Score":null,"Total":0}
引用次数: 0
Abstract
Android protects user privacy through its permission system and explains permission usage in privacy disclosure. Privacy disclosure often fails to predict app behavior accurately and leading to potential exploitation by malicious applications. To address this, we propose the VADER-RF technique, which combines VADER sentiment analysis with Random Forest machine learning to correlate privacy disclosures with app behavior. Our model analyzes privacy disclosure documents using sentiment analysis, extracting permissions from AndroidManifest.xml file, and explore the data flow analysis of Java files. These features were evaluated on Naive Bayes, SVM, Decision Tree and Random Forest machine learning models. The Random Forest model demonstrated superior performance with the highest accuracy (81.6%), precision (85.3%) and recall (89.4%). Kendall's Tau correlation coefficient is 0.54, which indicates that our model is moderate to strongly effective at predicting whether an app is malicious based on the selected features. Sentiment analysis significantly enhanced all models’ performance, underscoring the effectiveness of integrating sentiment analysis with traditional feature sets for advanced malware detection.
期刊介绍:
This Journal is established with a view to cater to increased awareness for high quality research in the seamless integration of heterogeneous technologies to formulate bankable solutions to the emergent complex engineering problems.
Assurance engineering could be thought of as relating to the provision of higher confidence in the reliable and secure implementation of a system’s critical characteristic features through the espousal of a holistic approach by using a wide variety of cross disciplinary tools and techniques. Successful realization of sustainable and dependable products, systems and services involves an extensive adoption of Reliability, Quality, Safety and Risk related procedures for achieving high assurancelevels of performance; also pivotal are the management issues related to risk and uncertainty that govern the practical constraints encountered in their deployment. It is our intention to provide a platform for the modeling and analysis of large engineering systems, among the other aforementioned allied goals of systems assurance engineering, leading to the enforcement of performance enhancement measures. Achieving a fine balance between theory and practice is the primary focus. The Journal only publishes high quality papers that have passed the rigorous peer review procedure of an archival scientific Journal. The aim is an increasing number of submissions, wide circulation and a high impact factor.