{"title":"通过基于模型机器学习的集成学习和多个应用属性设计蜂窝应用的私人风险评估","authors":"R. Zakariya, Kalamullah Ramli","doi":"10.25126/jtiik.20241047029","DOIUrl":null,"url":null,"abstract":"Aplikasi berbasis Android banyak dikembangkan dan tersedia secara bebas di berbagai sumber aplikasi karena sistem operasi Android yang bersifat open-source. Namun, tidak semua penyedia aplikasi memberikan informasi detail mengenai aspek keamanan aplikasi, sehingga pengguna mengalami kesulitan untuk menilai dan memahami risiko keamanan privasi yang mereka hadapi. Pada penelitian ini kami mengusulkan desain penilaian risiko privasi melalui pendekatan analisis permission dan informasi atribut aplikasi. Kami menggunakan ensemble learning untuk mengatasi kelemahan dari penggunaan model klasifikasi tunggal. Penilaian likelihood dilakukan dengan mengombinasikan prediksi ensemble learning dan informasi multiple application attributes, sementara penilaian severity dilakukan dengan memanfaatkan jumlah dan karakteristik permission. Sebuah matriks risiko dibentuk untuk menghitung nilai risiko privasi aplikasi dan dataset CIC-AndMal2017 digunakan untuk mengevaluasi model ensemble learning dan desain penilaian risiko privasi. Hasil percobaan menunjukkan bahwa penerapan ensemble learning dengan algoritma klasifikasi Decision Tree (DT), K-Nearest Neighbor (KNN), dan Random Forest (RF) memiliki performa model yang lebih baik dibandingkan dengan menggunakan algoritma klasifikasi tunggal, dengan accuracy sebesar 95.2%, nilai precision 93.2%, nilai F1-score 92.4%, dan True Negative Rate (TNR) sebesar 97.6%. Serta, desain penilaian risiko mampu menilai aplikasi secara efektif dan objektif. AbstractSince the Android operating system is open-source, many Android-based applications are developed and freely available in app stores. However, not all developers of applications supply detailed information about the app's security aspects, making it difficult for users to assess and understand the risk of privacy breaches they confront. We propose a privacy risk assessment design in this study using an analytical approach to app permissions and attribute information. We use ensemble learning to overcome the drawbacks of using a single classification model. The likelihood assessment is performed by combining ensemble learning predictions and information on multiple application attributes, while the severity assessment is performed by utilizing the number and characteristics of permissions. A risk matrix was created to calculate the value of application privacy risk, and the CIC-AndMal2017 dataset was used to evaluate the ensemble learning model and privacy risk assessment designs. The experimental results show that the application of ensemble learning with the Decision Tree (DT), K-Nearest Neighbor (KNN), and Random Forest (RF) classification algorithms provides better model performance compared to using a single classification algorithm, with an accuracy of 95.2%, a precision value of 93.2%, a F1-score of 92.4%, and a True Negative Rate (TNR) of 97.6%. In addition, the risk assessment design can to assess the application effectively and objectively. ","PeriodicalId":32501,"journal":{"name":"Jurnal Teknologi Informasi dan Ilmu Komputer","volume":" ","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2023-08-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Desain Penilaian Risiko Privasi pada Aplikasi Seluler Melalui Model Machine Learning Berbasis Ensemble Learning dan Multiple Application Attributes\",\"authors\":\"R. Zakariya, Kalamullah Ramli\",\"doi\":\"10.25126/jtiik.20241047029\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Aplikasi berbasis Android banyak dikembangkan dan tersedia secara bebas di berbagai sumber aplikasi karena sistem operasi Android yang bersifat open-source. Namun, tidak semua penyedia aplikasi memberikan informasi detail mengenai aspek keamanan aplikasi, sehingga pengguna mengalami kesulitan untuk menilai dan memahami risiko keamanan privasi yang mereka hadapi. Pada penelitian ini kami mengusulkan desain penilaian risiko privasi melalui pendekatan analisis permission dan informasi atribut aplikasi. Kami menggunakan ensemble learning untuk mengatasi kelemahan dari penggunaan model klasifikasi tunggal. Penilaian likelihood dilakukan dengan mengombinasikan prediksi ensemble learning dan informasi multiple application attributes, sementara penilaian severity dilakukan dengan memanfaatkan jumlah dan karakteristik permission. Sebuah matriks risiko dibentuk untuk menghitung nilai risiko privasi aplikasi dan dataset CIC-AndMal2017 digunakan untuk mengevaluasi model ensemble learning dan desain penilaian risiko privasi. Hasil percobaan menunjukkan bahwa penerapan ensemble learning dengan algoritma klasifikasi Decision Tree (DT), K-Nearest Neighbor (KNN), dan Random Forest (RF) memiliki performa model yang lebih baik dibandingkan dengan menggunakan algoritma klasifikasi tunggal, dengan accuracy sebesar 95.2%, nilai precision 93.2%, nilai F1-score 92.4%, dan True Negative Rate (TNR) sebesar 97.6%. Serta, desain penilaian risiko mampu menilai aplikasi secara efektif dan objektif. AbstractSince the Android operating system is open-source, many Android-based applications are developed and freely available in app stores. However, not all developers of applications supply detailed information about the app's security aspects, making it difficult for users to assess and understand the risk of privacy breaches they confront. We propose a privacy risk assessment design in this study using an analytical approach to app permissions and attribute information. We use ensemble learning to overcome the drawbacks of using a single classification model. The likelihood assessment is performed by combining ensemble learning predictions and information on multiple application attributes, while the severity assessment is performed by utilizing the number and characteristics of permissions. A risk matrix was created to calculate the value of application privacy risk, and the CIC-AndMal2017 dataset was used to evaluate the ensemble learning model and privacy risk assessment designs. The experimental results show that the application of ensemble learning with the Decision Tree (DT), K-Nearest Neighbor (KNN), and Random Forest (RF) classification algorithms provides better model performance compared to using a single classification algorithm, with an accuracy of 95.2%, a precision value of 93.2%, a F1-score of 92.4%, and a True Negative Rate (TNR) of 97.6%. In addition, the risk assessment design can to assess the application effectively and objectively. \",\"PeriodicalId\":32501,\"journal\":{\"name\":\"Jurnal Teknologi Informasi dan Ilmu Komputer\",\"volume\":\" \",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-08-30\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Jurnal Teknologi Informasi dan Ilmu Komputer\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.25126/jtiik.20241047029\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Jurnal Teknologi Informasi dan Ilmu Komputer","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.25126/jtiik.20241047029","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
摘要
基于Android的应用程序因其开放源代码的Android操作系统而在应用程序资源中广泛开发和免费提供。然而,并不是所有的应用程序提供者都提供关于应用程序安全方面的详细信息,这使得用户很难评估和理解他们所面临的隐私风险。在这项研究中,我们建议通过许可分析和应用属性信息的方法设计隐私风险评估。我们用整体学习来解决使用单一分类模型的缺陷。面食评估是通过结合可预测的学习和多应用应用的信息来进行的,而severity评估则是通过利用许可的数量和特点来进行的。创建了一个风险矩阵来计算应用程序的隐私和数据集CIC-AndMal2017用来评估可接受学习模式和隐私风险评估设计。实验结果表明,使用pt Decision Tree (DT)、K-Nearest Neighbor (KNN)分类算法和Random Forest(射频)的对等学习算法比使用一个单一分类算法更有效,准确值为95%。风险评估设计也能够有效、客观地评估应用程序。自从Android操作系统是开源的,许多基于应用的应用已经开发出来,在应用程序stores中是免费的。However,并不是所有的应用程序都详细披露了该应用程序的安全aspects,使其更难理解他们面临的隐私风险。我们建议使用分析方法对应用许可和态度信息进行隐私风险评估。我们用一种可以学习的方法来完善使用单古典化模型的drawbacks。利弊评估是通过一系列应用程序的可接受性和信息表现出来的,而某些评估是通过使用数字和魅力表现出来的。一个有风险的矩阵是用来计算隐私风险应用的价值的,而cic -和mal2017数据集是用来评估潜在的学习模式和风险评估设计。实验results秀那个应用程序》全剧学习with The Decision Tree (DT), K-Nearest邻居(KNN)和随机森林(射频)classification算法provides更好的演出compared用百万单曲classification算法模型,用95 . 2%,a的评比的高级之价值的2%,a F1-score 92 93。4%,与a True负率(TNR)》97 6%。此外,风险评估设计可以评估应用程序的效果和目标。
Desain Penilaian Risiko Privasi pada Aplikasi Seluler Melalui Model Machine Learning Berbasis Ensemble Learning dan Multiple Application Attributes
Aplikasi berbasis Android banyak dikembangkan dan tersedia secara bebas di berbagai sumber aplikasi karena sistem operasi Android yang bersifat open-source. Namun, tidak semua penyedia aplikasi memberikan informasi detail mengenai aspek keamanan aplikasi, sehingga pengguna mengalami kesulitan untuk menilai dan memahami risiko keamanan privasi yang mereka hadapi. Pada penelitian ini kami mengusulkan desain penilaian risiko privasi melalui pendekatan analisis permission dan informasi atribut aplikasi. Kami menggunakan ensemble learning untuk mengatasi kelemahan dari penggunaan model klasifikasi tunggal. Penilaian likelihood dilakukan dengan mengombinasikan prediksi ensemble learning dan informasi multiple application attributes, sementara penilaian severity dilakukan dengan memanfaatkan jumlah dan karakteristik permission. Sebuah matriks risiko dibentuk untuk menghitung nilai risiko privasi aplikasi dan dataset CIC-AndMal2017 digunakan untuk mengevaluasi model ensemble learning dan desain penilaian risiko privasi. Hasil percobaan menunjukkan bahwa penerapan ensemble learning dengan algoritma klasifikasi Decision Tree (DT), K-Nearest Neighbor (KNN), dan Random Forest (RF) memiliki performa model yang lebih baik dibandingkan dengan menggunakan algoritma klasifikasi tunggal, dengan accuracy sebesar 95.2%, nilai precision 93.2%, nilai F1-score 92.4%, dan True Negative Rate (TNR) sebesar 97.6%. Serta, desain penilaian risiko mampu menilai aplikasi secara efektif dan objektif. AbstractSince the Android operating system is open-source, many Android-based applications are developed and freely available in app stores. However, not all developers of applications supply detailed information about the app's security aspects, making it difficult for users to assess and understand the risk of privacy breaches they confront. We propose a privacy risk assessment design in this study using an analytical approach to app permissions and attribute information. We use ensemble learning to overcome the drawbacks of using a single classification model. The likelihood assessment is performed by combining ensemble learning predictions and information on multiple application attributes, while the severity assessment is performed by utilizing the number and characteristics of permissions. A risk matrix was created to calculate the value of application privacy risk, and the CIC-AndMal2017 dataset was used to evaluate the ensemble learning model and privacy risk assessment designs. The experimental results show that the application of ensemble learning with the Decision Tree (DT), K-Nearest Neighbor (KNN), and Random Forest (RF) classification algorithms provides better model performance compared to using a single classification algorithm, with an accuracy of 95.2%, a precision value of 93.2%, a F1-score of 92.4%, and a True Negative Rate (TNR) of 97.6%. In addition, the risk assessment design can to assess the application effectively and objectively.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
