Risk Assessment Scheme for Mobile Applications Based on Tree Boosting

Kim, Ki-Chang; Kim, Jin-Sung; Ko, Eunbyeol; Yi, Jeong Hyun

doi:10.1109/access.2020.2979477

Cited by 7 publications

(7 citation statements)

References 19 publications

(13 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We also evaluated the effectiveness of ACAMA with AVClass. In summary, the evaluation results show that ACAMA outperforms the previous approach proposed by Kim et al [11]. Also, we observed that ACAMA can classify 72.456% of malware that AVClass cannot classify.…”

Section: Discussionsupporting

confidence: 55%

“…Figure 9 shows the accuracy comparison results between ACAMA and a malicious application detection system proposed by Kim et al [11], closely related with ACAMA, that use APIs as a feature. e verification accuracy is a result of malicious detection by reapplying the list to the training dataset after removing 10% of it to verify the effectiveness of the classifier.…”

Section: Malware Detection Resultmentioning

confidence: 99%

“…Approaches. Many approaches were proposed to analyze malicious applications using their APIs [5][6][7][8][9][11][12][13][14][15][16][17]. DroidAPIMiner [6] detected malware with k-Nearest Neighbors (k-NN) [18] by using APIs in malware.…”

Section: Api-basedmentioning

confidence: 99%

“…However, not all of the algorithms used can be considered suitable for API data. Also, the method of bagging ensemble other algorithms is not suitable for classifying malware into specific categories [5,11]. Kim et al's [11] methods, like AVIS, directly scored APIs to create API rankings and quantitatively evaluated applications.…”

Section: Api-basedmentioning

confidence: 99%

“…Also, the method of bagging ensemble other algorithms is not suitable for classifying malware into specific categories [5,11]. Kim et al's [11] methods, like AVIS, directly scored APIs to create API rankings and quantitatively evaluated applications. However, unlike AVIS, the application was quantitatively evaluated using a weighted average value.…”

Section: Api-basedmentioning

confidence: 99%

See 4 more Smart Citations

ACAMA: Deep Learning-Based Detection and Classification of Android Malware Using API-Based Features

Kim

Ban

et al. 2021

Security and Communication Networks

Self Cite

View full text Add to dashboard Cite

As a great number of IoT and mobile devices are used in our daily lives, the security of mobile devices is being important than ever. If mobile devices which play a key role in connecting devices are exploited by malware to perform malicious behaviors, this can cause serious damage to other devices as well. Hence, a huge research effort has been put forward to prevent such situation. Among them, many studies attempted to detect malware based on APIs used in malware. In general, they showed the high accuracy in detecting malware, but they could not classify malware into detailed categories because their detection mechanisms do not consider the characteristics of each malware category. In this paper, we propose a malware detection and classification approach, named ACAMA, that can detect malware and categorize them with high accuracy. To show the effectiveness of ACAMA, we implement and evaluate it with previously proposed approaches. Our evaluation results demonstrate that ACAMA detects malware with 26% higher accuracy than a previous work. In addition, we show that ACAMA can successfully classify applications that another previous work, AVClass, cannot classify.

show abstract

Section: Discussionsupporting

confidence: 55%

Section: Malware Detection Resultmentioning

confidence: 99%

Section: Api-basedmentioning

confidence: 99%

Section: Api-basedmentioning

confidence: 99%

Section: Api-basedmentioning

confidence: 99%

See 3 more Smart Citations

ACAMA: Deep Learning-Based Detection and Classification of Android Malware Using API-Based Features

Kim

Ban

et al. 2021

Security and Communication Networks

Self Cite

View full text Add to dashboard Cite

show abstract

MAPAS: a practical deep learning-based android malware detection system

Kim

Ban

et al. 2022

Int. J. Inf. Secur.

Self Cite

View full text Add to dashboard Cite

A lot of malicious applications appears every day, threatening numerous users. Therefore, a surge of studies have been conducted to protect users from newly emerging malware by using machine learning algorithms. Albeit existing machine or deep learning-based Android malware detection approaches achieve high accuracy by using a combination of multiple features, it is not possible to employ them on our mobile devices due to the high cost for using them. In this paper, we propose MAPAS, a malware detection system, that achieves high accuracy and adaptable usages of computing resources. MAPAS analyzes behaviors of malicious applications based on API call graphs of them by using convolution neural networks (CNN). However, MAPAS does not use a classifier model generated by CNN, it only utilizes CNN for discovering common features of API call graphs of malware. For efficiently detecting malware, MAPAS employs a lightweight classifier that calculates a similarity between API call graphs used for malicious activities and API call graphs of applications that are going to be classified. To demonstrate the effectiveness and efficiency of MAPAS, we implement a prototype and thoroughly evaluate it. And, we compare MAPAS with a state-of-the-art Android malware detection approach, MaMaDroid. Our evaluation results demonstrate that MAPAS can classify applications 145.8% faster and uses memory around ten times lower than MaMaDroid. Also, MAPAS achieves higher accuracy (91.27%) than MaMaDroid (84.99%) for detecting unknown malware. In addition, MAPAS can generally detect any type of malware with high accuracy.

show abstract