Visual analytics and visualization for android security risk

Yoo, Seong-Joon; Ryu, Hong Ryeol; Yeon, Hanbyul; Kwon, Taekyoung; Jang, Yun

doi:10.1016/j.cola.2019.03.004

Cited by 7 publications

(4 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Finally, the hybrid approach defines new metrics based on a combination of different risk ranks. For instance, in [66] a risk score for permissions is defined with five sub-scores that take into account the permission frequency between benign or malicious applications, the monetary cost, the protection-level, and the relation with private information.…”

Section: Permission Risk Assessmentmentioning

confidence: 99%

ARANAC: A Bring-Your-Own-Permissions Network Access Control Methodology for Android Devices

et al. 2021

View full text Add to dashboard Cite

In this paper, we introduce a new methodology for network access control for Android devices based on app risk assessment. Named ARANAC (which stands for Application Risk Assessment based Network Access Control), this methodology is specially tailored for scenarios using the Bring-Your-Own-Device (BYOD) policy, where the adoption of some solutions can lead to problems in security and privacy for both the employees and the business organization. ARANAC mainly relies on the analysis of an aggregate of permissions declared in the manifests of installed applications on users' devices. The access control scheme combines three operational modules: i) a device monitoring tool, ii) a novel permission-based risk model, and iii) an anomaly-based detection machine learning module based on a methodology (called MSNM, from Multivariate Statistical Network Monitoring) that provides both detection and diagnostic capabilities. ARANAC's novelty is in the combination of four features. Firstly, it is privacy-aware, and thus, it does not require detailed information about installed applications but only an aggregate of permissions. Secondly, it builds a normality model by combining expert knowledge with data, capturing the behavior of a complete population of mobile devices. Thirdly, it is dynamic, as permissions are updated in real time, allowing the network to re-assess access control on a continuous basis. Finally, its diagnostic capabilities allow for giving recommendations to final users so that they are capable of mitigating their risks when accessing networks. We evaluated the approach with more than 80 Android devices at a university campus network and obtained interesting results regarding security risks in the usual deployment of device apps.INDEX TERMS Android permissions, bring-your-own-device, mobile security, network access control, risk assessment.

show abstract

Section: Permission Risk Assessmentmentioning

confidence: 99%

ARANAC: A Bring-Your-Own-Permissions Network Access Control Methodology for Android Devices

et al. 2021

View full text Add to dashboard Cite

show abstract

“…If there are no regularities in these comments, the algorithms cannot detect or predict any categories. In this section, we make use of visual analysis [67][68][69][70][71][72][73] to better understand student comments and to compare the degree of consistency and symmetry among the visualization results against some algorithm results. In particular, we first find some patterns in the student comments of the ITC-114 database and then visualize the keywords in these comments.…”

Section: Visualization Of Student Online Commentsmentioning

confidence: 99%

Performance Evaluation of Keyword Extraction Methods and Visualization for Student Online Comments

Liu

Huang

et al. 2020

Symmetry

View full text Add to dashboard Cite

Topic keyword extraction (as a typical task in information retrieval) refers to extracting the core keywords from document topics. In an online environment, students often post comments in subject forums. The automatic and accurate extraction of keywords from these comments are beneficial to lecturers (particular when it comes to repeatedly delivered subjects). In this paper, we compare the performance of traditional machine learning algorithms and two deep learning methods in extracting topic keywords from student comments posted in subject forums. For this purpose, we collected student comment data from a period of two years, manually tagging part of the raw data for our experiments. Based on this dataset, we comprehensively compared the five typical algorithms of naïve Bayes, logistic regression, support vector machine, convolutional neural networks, and Long Short-Term Memory with Attention (Att-LSTM). The performances were measured by the four evaluation metrics. We further examined the keywords by visualization. From the results of our experiment and visualization, we conclude that the Att-LSTM method is the best approach for topic keyword extraction from student comments. Further, the results from the algorithms and visualization are symmetry, to some degree. In particular, the extracted topics from the comments posted at the same stages of different teaching sessions are, almost, reflection symmetry.

show abstract

“…Smartphone users should protect their devices by setting lock screen protection, using thirdparty security applications, and choosing appropriate security settings because the default settings are often insufficient [17]. Information security breaches such as malware often activate unexpectedly [18]. Security breaches, such as planting a virus/malware, will have unpleasant consequences such as loss of productivity, theft of information assets, system downtime, damage to IT infrastructure, damage to the organization's reputation, lawsuits, fines, and regulatory action [19].…”

Section: Introductionmentioning

confidence: 99%

Differences in Information Security Behavior of Smartphone Users in Indonesia Using Pearsonâ€™s Chi-square and Post Hoc Test

Candiwan¹,

Sudirman²,

Sari³

2023

Int. J. Adv. Sci. Eng. Inf. Technol.

View full text Add to dashboard Cite

The risk of data theft is still a negative impact of smartphone technology development that harms its users. One cause of data theft is information security behavior. Therefore, this study was conducted to determine information security behavior and its differences among smartphone users in Indonesia based on the demographic variables (i.e., gender, generation, educational background, and operating system) and four approaches, namely Avoiding Harmful Behavior, Settings, and Add-on Utilities, Preventive Behavior, and Disaster/Data Recovery. The data obtained from 400 respondents were processed using Pearson's chi-square and post hoc tests. The results showed that there are significant differences between the demographic variables and approaches. It was revealed that men behave better than women in terms of adopting settings and add-on utilities, preventive behavior, and disaster/data recovery. On the other hand, men tend to have riskier behavior than women in avoiding harmful behavior. Based on generation, it was found that Generation Z exhibits more secure behavior than Generation Y in terms of settings and add-on utilities regarding remote device locking. Meanwhile, Generation Z has better behavior than Generations X and Y in preventive behavior as they uninstall/remove unused applications. Furthermore, undergraduate users behave better than high schoolers in avoiding harmful behaviors such as sharing PIN/passwords. Lastly, iOS users were found to have better data recovery behavior than Android users in automatically backing up data in the cloud. These results can be considered when designing security education, training, and awareness programs to improve information security.

show abstract

Visual analytics and visualization for android security risk

Cited by 7 publications

References 5 publications

ARANAC: A Bring-Your-Own-Permissions Network Access Control Methodology for Android Devices

ARANAC: A Bring-Your-Own-Permissions Network Access Control Methodology for Android Devices

Performance Evaluation of Keyword Extraction Methods and Visualization for Student Online Comments

Differences in Information Security Behavior of Smartphone Users in Indonesia Using Pearsonâ€™s Chi-square and Post Hoc Test

Contact Info

Product

Resources

About