{"title":"基于Borda计数的重要服务识别的iOS恶意软件检测","authors":"Neetu Sardana, Arpita Jadhav Bhatt","doi":"10.1145/3474124.3474136","DOIUrl":null,"url":null,"abstract":"In today's era, smartphones are used in daily lives because they are ubiquitous and provide internet connectivity everywhere. The primary reason for the increased usage of smartphones is their functional expandability by installing third-party apps, which span a wide range of categories including books, social networking, instant messaging, etc. Users are compelled to use these feature-rich apps. As a result, the menaces because of these apps, which are potentially risky for user's privacy, have increased. As the information on smartphones is perhaps, more personal than compared to data stored on desktops or computers because smartphones remain with individuals throughout the day and generate contextual data through sensors making it an easy target for intruders. Both Android and iOS follow a permission-based access control mechanism to protect the privacy of their users where an app has to specify the permissions it will use during its run-time. However, the users are unaware whether the app is breaching the user's privacy or sharing it with third-party apps. A lot of work for detecting malicious Android apps using feature selection techniques has been conducted because of the availability of a large permission set and labeled data set. However, minimal work has been conducted for the iOS platform because of the limited permission set, limited labeled data set, and closed-source platform. To combat this problem, in the paper we propose an approach to detect malicious iOS apps based on the app's category using static analysis of app permissions to identify the most significant permission. In this work, several feature ranking techniques such as Correlation, Gain ratio, Info gain, OneR, and ReliefF have been employed on a data set of 1150 iOS apps to identify the riskiest permission across 12 different app categories. To improve the permission selection process and improve the precision of classifiers, the Borda count method has been utilized. Our empirical analysis proves that the proposed approach effectively identifies the top 5 risky permissions within different categories.","PeriodicalId":144611,"journal":{"name":"2021 Thirteenth International Conference on Contemporary Computing (IC3-2021)","volume":"42 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-08-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Detection of iOS Malware apps based on Significant Services Identification using Borda count\",\"authors\":\"Neetu Sardana, Arpita Jadhav Bhatt\",\"doi\":\"10.1145/3474124.3474136\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In today's era, smartphones are used in daily lives because they are ubiquitous and provide internet connectivity everywhere. The primary reason for the increased usage of smartphones is their functional expandability by installing third-party apps, which span a wide range of categories including books, social networking, instant messaging, etc. Users are compelled to use these feature-rich apps. As a result, the menaces because of these apps, which are potentially risky for user's privacy, have increased. As the information on smartphones is perhaps, more personal than compared to data stored on desktops or computers because smartphones remain with individuals throughout the day and generate contextual data through sensors making it an easy target for intruders. Both Android and iOS follow a permission-based access control mechanism to protect the privacy of their users where an app has to specify the permissions it will use during its run-time. However, the users are unaware whether the app is breaching the user's privacy or sharing it with third-party apps. A lot of work for detecting malicious Android apps using feature selection techniques has been conducted because of the availability of a large permission set and labeled data set. However, minimal work has been conducted for the iOS platform because of the limited permission set, limited labeled data set, and closed-source platform. To combat this problem, in the paper we propose an approach to detect malicious iOS apps based on the app's category using static analysis of app permissions to identify the most significant permission. In this work, several feature ranking techniques such as Correlation, Gain ratio, Info gain, OneR, and ReliefF have been employed on a data set of 1150 iOS apps to identify the riskiest permission across 12 different app categories. To improve the permission selection process and improve the precision of classifiers, the Borda count method has been utilized. Our empirical analysis proves that the proposed approach effectively identifies the top 5 risky permissions within different categories.\",\"PeriodicalId\":144611,\"journal\":{\"name\":\"2021 Thirteenth International Conference on Contemporary Computing (IC3-2021)\",\"volume\":\"42 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-08-05\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 Thirteenth International Conference on Contemporary Computing (IC3-2021)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3474124.3474136\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 Thirteenth International Conference on Contemporary Computing (IC3-2021)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3474124.3474136","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Detection of iOS Malware apps based on Significant Services Identification using Borda count
In today's era, smartphones are used in daily lives because they are ubiquitous and provide internet connectivity everywhere. The primary reason for the increased usage of smartphones is their functional expandability by installing third-party apps, which span a wide range of categories including books, social networking, instant messaging, etc. Users are compelled to use these feature-rich apps. As a result, the menaces because of these apps, which are potentially risky for user's privacy, have increased. As the information on smartphones is perhaps, more personal than compared to data stored on desktops or computers because smartphones remain with individuals throughout the day and generate contextual data through sensors making it an easy target for intruders. Both Android and iOS follow a permission-based access control mechanism to protect the privacy of their users where an app has to specify the permissions it will use during its run-time. However, the users are unaware whether the app is breaching the user's privacy or sharing it with third-party apps. A lot of work for detecting malicious Android apps using feature selection techniques has been conducted because of the availability of a large permission set and labeled data set. However, minimal work has been conducted for the iOS platform because of the limited permission set, limited labeled data set, and closed-source platform. To combat this problem, in the paper we propose an approach to detect malicious iOS apps based on the app's category using static analysis of app permissions to identify the most significant permission. In this work, several feature ranking techniques such as Correlation, Gain ratio, Info gain, OneR, and ReliefF have been employed on a data set of 1150 iOS apps to identify the riskiest permission across 12 different app categories. To improve the permission selection process and improve the precision of classifiers, the Borda count method has been utilized. Our empirical analysis proves that the proposed approach effectively identifies the top 5 risky permissions within different categories.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
