Ranking and Risk Factor Scheme for Malicious applications detection and Classifications

Kiran Khatter; Sapna Malik

doi:10.4018/ijismd.2018070104

Ranking and Risk Factor Scheme for Malicious applications detection and Classifications

International Journal of Information System Modeling and Design ◽

10.4018/ijismd.2018070104 ◽

2018 ◽

Vol 9 (3) ◽

pp. 67-84

Author(s):

Kiran Khatter ◽

Sapna Malik

Keyword(s):

Operating System ◽

Risk Factor ◽

Intrusion Detection ◽

Mobile Device ◽

Energy Efficient ◽

Classification Performance ◽

System Calls ◽

Android Applications ◽

Google Play

Being an open source operating system, android mobiles are attacked by hundreds of malware every year. Moreover, malware are using many veiled techniques that makes it difficult to detect them. Android official markets and the Google Play Store are also not left untouched by malware. This article presents the Ranking and Risk Factor Scheme (RRFS), a hybrid intrusion detection technique for Android devices for the detection of malicious android applications. Ranking and risk factor schemes perform an analysis of Android permissions requested and system calls invoked features by ranking these features with some criteria and calculating the risk factor of each application for the detection and classification of malicious applications of 81 malware families. In the results, the ranking and risk factor scheme outperforms several related approaches and has the detection and classification performance of 99.2% and 88.7%, respectively and proved fast, an energy-efficient technique for resource constraint mobile device

Download Full-text

Security Source Code Analysis of Applications in Android OS

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i4.15.21366 ◽

2018 ◽

Vol 7 (4.15) ◽

pp. 30

Author(s):

Sami Azam ◽

Rajvinder Singh Sumra ◽

Bharanidharan Shanmugam ◽

Kheng Cher Yeo ◽

Mirjam Jonokman ◽

...

Keyword(s):

Operating System ◽

Mobile Phones ◽

Source Code ◽

Security Risk ◽

Great Flexibility ◽

Code Analysis ◽

Malicious Behavior ◽

Android Os ◽

Android Applications ◽

Google Play

It is a known fact that Android mobile phones’ security has room for improvement. Many malicious app developers have targeted android mobile phones, mainly because android as an open operating system provides great flexibility to developers and there are many android phones which do not have the latest security updates. With the update of marshmallow in android, applications request permission only during runtime, but not all users have this update. This is important because user permission is required to perform certain actions. The permissions may be irrelevant to the features provided by an application. The purpose of this research is to investigate the use and security risk of seeming irrelevant permissions in applications available from Google store. Two different applications which seem to ask irrelevant permissions during installation were selected from Google store. To test these applications, static analysis, dynamic analysis and reverse engineering tools were used. Findings show potentially malicious behavior, demonstrating that downloading apps from Google play store do not guarantee security.

Download Full-text

SafeCandy: System for security, analysis and validation in Android

Sistemas y Telemática ◽

10.18046/syt.v13i35.2154 ◽

2015 ◽

Vol 13 (35) ◽

pp. 89-102 ◽

Cited By ~ 2

Author(s):

Sebastián Londoño ◽

Christian Urcuqui ◽

Manuel Fuentes Amaya ◽

Johan Gómez ◽

Andrés Navarro Cadavid

Keyword(s):

Operating System ◽

Mobile Devices ◽

Security Analysis ◽

Threat Detection ◽

Malicious Software ◽

Static And Dynamic Analysis ◽

Security Controls ◽

Android Applications ◽

Google Play ◽

New System

Android is an operating system which currently has over one billion active users for all their mobile devices, a market impact that is influencing an increase in the amount of information that can be obtained from different users, facts that have motivated the development of malicious software by cybercriminals. To solve the problems caused by malware, Android implements a different architecture and security controls, such as a unique user ID (UID) for each application, while an API permits its distribution platform, Google Play applications. It has been shown that there are ways to violate that protection, so the developer community has been developing alternatives aimed at improving the level of safety. This paper presents: the latest information on the various trends and security solutions for Android, and SafeCandy, an app proposed as a new system for analysis, validation and configuration of Android applications that implements static and dynamic analysis with improved ASEF. Finally, a study is included to evaluate the effectiveness in threat detection of different malware antivirus software for Android.

Download Full-text

Machine Learning Approach for Detection of nonTor Traffic

Journal of Cyber Security and Mobility ◽

10.13052/2245-1439.624 ◽

2017 ◽

Author(s):

Elike Hodo ◽

Xavier Bellekens ◽

Ephraim Iorkyase ◽

Andrew Hamilton ◽

Christos Tachtatzis ◽

...

Keyword(s):

Intrusion Detection ◽

Traffic Flow ◽

Network Traffic ◽

Classification Performance ◽

Support Vector ◽

Privacy And Security ◽

Hybrid Classifier ◽

Internet Users ◽

Tor Network

Intrusion detection has attracted a considerable interest from researchers and industry. After many years of research the community still faces the problem of building reliable and efficient intrusion detection systems (IDS) capable of handling large quantities of data with changing patterns in real time situations. The Tor network is popular in providing privacy and security to end user by anonymizing the identity of internet users connecting through a series of tunnels and nodes. This work identifies two problems; classification of Tor traffic and nonTor traffic to expose the activities within Tor traffic that minimizes the protection of users in using the UNB-CIC Tor Network Traffic dataset and classification of the Tor traffic flow in the network. This paper proposes a hybrid classifier; Artificial Neural Network in conjunction with Correlation feature selection algorithm for dimensionality reduction and improved classification performance. The reliability and efficiency of the propose hybrid classifier is compared with Support Vector Machine and naïve Bayes classifiers in detecting nonTor traffic in UNB-CIC Tor Network Traffic dataset. Experimental results show the hybrid classifier, ANN-CFS proved a better classifier in detecting nonTor traffic and classifying the Tor traffic flow in UNB-CIC Tor Network Traffic dataset.

Download Full-text

Analysis of educational augmented reality applications: The case of Android operating systemEğitsel artırılmış gerçeklik uygulamalarının incelenmesi: Android işletim sistemi örneği

Journal of Human Sciences ◽

10.14687/ijhs.v12i2.3524 ◽

2015 ◽

Vol 12 (2) ◽

pp. 1792 ◽

Cited By ~ 5

Author(s):

Ahmet Arslan ◽

Mehmet Elibol

Keyword(s):

Operating System ◽

Augmented Reality ◽

Mobile Devices ◽

System P ◽

Augmented Reality Application ◽

Android Operating System ◽

Google Play

The aim of this study is to examine the educational augmented reality applications developed for mobile devices. In accordance with this aim, mobile educational augmented reality applications restricted by Android operating system were searched under the keywords “Augmented Reality and Education” in the Google Play Store and the first 100 results enumerated according to the downloading number were taken under review and evaluated from different perspectives. This evaluation addresses the following points: (1) whether the evaluated applications have the characteristics of augmented reality, (2) market category of the applications where they are published, (3) the table formed as a result of classification of the researchers, (4) distribution of the subjects in the applications, (5) the area on which augmented reality application runs, (6) last update date of augmented reality applications and (7) downloading number of augmented reality applications. After evaluation of these points 18 applications which take much attention and are considered as important for the education have been evaluated in detail. As the result of study, it was concluded that augmented reality applications run mainly on paper and when the pointer on the paper is swiped as augmented reality they are video – playing applications. ÖzetBu çalışmanın amacı mobil cihazlar için geliştirilmiş eğitsel artırılmış gerçeklik uygulamalarını incelemektir. Bu amaç doğrultusunda Android işletim sistemi ile sınırlandırılan mobil eğitsel arttırılmış gerçeklik uygulamaları Google Play Markette indirilme sayısına göre listelenen ilk 100 sonuç değerlendirmeye alınarak çeşitli açılardan incelenmiştir. Yapılan bu incelemeler şu noktaları kapsamaktadır: (1) incelemeye alınan uygulamaların artırılmış gerçeklik özelliği taşıyıp taşımadığı, (2) uygulamaların yayınlandıkları market kategorisi, (3) araştırmacıların kategorilendirme sonucu oluşan tablo, (4) uygulamalarda işlenen konuların dağılımı, (5) artırılmış gerçeklik uygulamasının çalıştığı alan, (6) artırılmış gerçeklik uygulamalarının son güncellenme tarihleri ve (7)artırılmış gerçeklik uygulamalarının indirilme sayıları. Bu noktalarda yapılan incelemelerin ardından dikkat çeken ve eğitim için önemli olduğu düşünülen 18 adet uygulama detaylıca incelenerek tanıtımları yapılmıştır. Araştırma sonucunda, artırılmış gerçeklik uygulamalarının ağırlıklı olarak kağıt (kitap, dergi, çıktı) üzerinde çalıştığı ve artırılmış gerçeklik olarak kağıt üzerindeki işaretleyici okutulduğunda video oynatan uygulamalar şeklinde olduğu tespit edilmiştir.

Download Full-text

A Study on the Auxiliary Diagnosis of Thyroid Disease Images Based on Multiple Dimensional Deep Learning Algorithms

Current Medical Imaging Formerly Current Medical Imaging Reviews ◽

10.2174/1573405615666190115155223 ◽

2020 ◽

Vol 16 (3) ◽

pp. 199-205

Author(s):

Yuejun Liu ◽

Yifei Xu ◽

Xiangzheng Meng ◽

Xuguang Wang ◽

Tianxu Bai

Keyword(s):

Deep Learning ◽

Learning Algorithms ◽

Region Of Interest ◽

Classification Performance ◽

Thyroid Diseases ◽

Great Success ◽

Learning Models ◽

Good Classification Performance ◽

Spect Images

Background: Medical imaging plays an important role in the diagnosis of thyroid diseases. In the field of machine learning, multiple dimensional deep learning algorithms are widely used in image classification and recognition, and have achieved great success. Objective: The method based on multiple dimensional deep learning is employed for the auxiliary diagnosis of thyroid diseases based on SPECT images. The performances of different deep learning models are evaluated and compared. Methods: Thyroid SPECT images are collected with three types, they are hyperthyroidism, normal and hypothyroidism. In the pre-processing, the region of interest of thyroid is segmented and the amount of data sample is expanded. Four CNN models, including CNN, Inception, VGG16 and RNN, are used to evaluate deep learning methods. Results: Deep learning based methods have good classification performance, the accuracy is 92.9%-96.2%, AUC is 97.8%-99.6%. VGG16 model has the best performance, the accuracy is 96.2% and AUC is 99.6%. Especially, the VGG16 model with a changing learning rate works best. Conclusion: The standard CNN, Inception, VGG16, and RNN four deep learning models are efficient for the classification of thyroid diseases with SPECT images. The accuracy of the assisted diagnostic method based on deep learning is higher than that of other methods reported in the literature.

Download Full-text

Automated classification of clinical trial eligibility criteria text based on ensemble learning and metric learning

BMC Medical Informatics and Decision Making ◽

10.1186/s12911-021-01492-z ◽

2021 ◽

Vol 21 (S2) ◽

Author(s):

Kun Zeng ◽

Yibin Xu ◽

Ge Lin ◽

Likeng Liang ◽

Tianyong Hao

Keyword(s):

Clinical Trial ◽

Ensemble Learning ◽

Metric Learning ◽

Classification Performance ◽

Ensemble Model ◽

Automated Classification ◽

Eligibility Criteria ◽

Data Imbalance ◽

The Impact

Abstract Background Eligibility criteria are the primary strategy for screening the target participants of a clinical trial. Automated classification of clinical trial eligibility criteria text by using machine learning methods improves recruitment efficiency to reduce the cost of clinical research. However, existing methods suffer from poor classification performance due to the complexity and imbalance of eligibility criteria text data. Methods An ensemble learning-based model with metric learning is proposed for eligibility criteria classification. The model integrates a set of pre-trained models including Bidirectional Encoder Representations from Transformers (BERT), A Robustly Optimized BERT Pretraining Approach (RoBERTa), XLNet, Pre-training Text Encoders as Discriminators Rather Than Generators (ELECTRA), and Enhanced Representation through Knowledge Integration (ERNIE). Focal Loss is used as a loss function to address the data imbalance problem. Metric learning is employed to train the embedding of each base model for feature distinguish. Soft Voting is applied to achieve final classification of the ensemble model. The dataset is from the standard evaluation task 3 of 5th China Health Information Processing Conference containing 38,341 eligibility criteria text in 44 categories. Results Our ensemble method had an accuracy of 0.8497, a precision of 0.8229, and a recall of 0.8216 on the dataset. The macro F1-score was 0.8169, outperforming state-of-the-art baseline methods by 0.84% improvement on average. In addition, the performance improvement had a p-value of 2.152e-07 with a standard t-test, indicating that our model achieved a significant improvement. Conclusions A model for classifying eligibility criteria text of clinical trials based on multi-model ensemble learning and metric learning was proposed. The experiments demonstrated that the classification performance was improved by our ensemble model significantly. In addition, metric learning was able to improve word embedding representation and the focal loss reduced the impact of data imbalance to model performance.

Download Full-text

A first look at Android applications in Google Play related to COVID-19

Empirical Software Engineering ◽

10.1007/s10664-021-09943-x ◽

2021 ◽

Vol 26 (4) ◽

Cited By ~ 1

Author(s):

Jordan Samhi ◽

Kevin Allix ◽

Tegawendé F. Bissyandé ◽

Jacques Klein

Keyword(s):

Mobile Apps ◽

Contact Tracing ◽

Location Tracking ◽

Response Effort ◽

Sensitive Data ◽

Android Apps ◽

Digital World ◽

Public Health Organizations ◽

Android Applications ◽

Google Play

AbstractDue to the convenience of access-on-demand to information and business solutions, mobile apps have become an important asset in the digital world. In the context of the COVID-19 pandemic, app developers have joined the response effort in various ways by releasing apps that target different user bases (e.g., all citizens or journalists), offer different services (e.g., location tracking or diagnostic-aid), provide generic or specialized information, etc. While many apps have raised some concerns by spreading misinformation or even malware, the literature does not yet provide a clear landscape of the different apps that were developed. In this study, we focus on the Android ecosystem and investigate Covid-related Android apps. In a best-effort scenario, we attempt to systematically identify all relevant apps and study their characteristics with the objective to provide a first taxonomy of Covid-related apps, broadening the relevance beyond the implementation of contact tracing. Overall, our study yields a number of empirical insights that contribute to enlarge the knowledge on Covid-related apps: (1) Developer communities contributed rapidly to the COVID-19, with dedicated apps released as early as January 2020; (2) Covid-related apps deliver digital tools to users (e.g., health diaries), serve to broadcast information to users (e.g., spread statistics), and collect data from users (e.g., for tracing); (3) Covid-related apps are less complex than standard apps; (4) they generally do not seem to leak sensitive data; (5) in the majority of cases, Covid-related apps are released by entities with past experience on the market, mostly official government entities or public health organizations.

Download Full-text

Space Precession Target Classification Based on Radar High-Resolution Range Profiles

International Journal of Antennas and Propagation ◽

10.1155/2019/8151620 ◽

2019 ◽

Vol 2019 ◽

pp. 1-9

Author(s):

Yizhe Wang ◽

Cunqian Feng ◽

Yongshun Zhang ◽

Sisan He

Keyword(s):

Parameter Extraction ◽

Classification Performance ◽

Support Vector ◽

Electromagnetic Data ◽

Feature Extractor ◽

Different Types ◽

Radar Echo ◽

High Level ◽

Cone Target

Precession is a common micromotion form of space targets, introducing additional micro-Doppler (m-D) modulation into the radar echo. Effective classification of space targets is of great significance for further micromotion parameter extraction and identification. Feature extraction is a key step during the classification process, largely influencing the final classification performance. This paper presents two methods for classifying different types of space precession targets from the HRRPs. We first establish the precession model of space targets and analyze the scattering characteristics and then compute electromagnetic data of the cone target, cone-cylinder target, and cone-cylinder-flare target. Experimental results demonstrate that the support vector machine (SVM) using histograms of oriented gradient (HOG) features achieves a good result, whereas the deep convolutional neural network (DCNN) obtains a higher classification accuracy. DCNN combines the feature extractor and the classifier itself to automatically mine the high-level signatures of HRRPs through a training process. Besides, the efficiency of the two classification processes are compared using the same dataset.

Download Full-text

Intrusion detection: An energy efficient approach in heterogeneous WSN

2011 International Conference on Emerging Trends in Electrical and Computer Technology ◽

10.1109/icetect.2011.5760281 ◽

2011 ◽

Cited By ~ 4

Author(s):

T Mohamed Mubarak ◽

Syed Abdul Sattar ◽

G. Appa Rao ◽

M Sajitha

Keyword(s):

Intrusion Detection ◽

Energy Efficient ◽

Efficient Approach

Download Full-text

Design of ARM Based Embedded Operating System Micro Kernel

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.347-350.1799 ◽

2013 ◽

Vol 347-350 ◽

pp. 1799-1803

Author(s):

Bo Qu ◽

Zhao Zhi Wu

Keyword(s):

Operating System ◽

Core Layer ◽

Embedded Operating System ◽

Time Sharing ◽

Tool Chain ◽

Design And Implementation ◽

System Calls ◽

Three Layer Architecture ◽

Technical Details ◽

And Task

This paper describes the design and implementation of an ARM based embedded operating system micro kernel developed on Linux platform with GNU tool chain in technical details, including the three-layer architecture of the kernel (boot layer, core layer and task layer), multi-task schedule (priority for real-time and round-robin for time-sharing), IRQ handler, SWI handler, system calls, and inter-task communication based on which the micro-kernel architecture is constructed. On the foundation of this micro kernel, more components essential to a practical operating system, such as file system and TCP/IP processing, can be added in order to form a real and practical multi-task micro-kernel embedded operating system.

Download Full-text