GDL

Journal from gdlhub / 2022-02-14 15:33:45
Oleh : Arpita Jadhav Bhatt, Chetna Gupta, Sangeeta Mittal, King Saud University
Dibuat : 2022-02-14, dengan 0 file

Keyword : iOS applications, Information security, Static analysis, Permission extraction, Active learning
Url : http://www.sciencedirect.com/science/article/pii/S131915781830291X
Sumber pengambilan dokumen : web

Do iOS applications breach privacy? With plethora of iOS applications available in market, most users are unaware of security risks they pose. This includes breach of user’s privacy by sharing personal and sensitive Smartphone data without user’s consent. Apple follows strict code signing procedure to ensure that applications are developed from trusted enterprises. However, past malware attacks on iOS devices have demonstrated that there is lack of protection from permission misuse by applications. While machine learning approaches offer promising results in detecting such malicious applications for Android operating system, there has been minimal research in extending them to iOS platform due to unavailability of labeled data-sets. In this study, we propose iABC-AL (iOS Application analyzer and Behavior Classifier using Active Learning), a framework to detect malicious iOS applications. The objective of iABC-AL is to protect permission induced user’s privacy risks by (i) maximizing precision of machine learning based classification models and (ii) minimize requirement of labeled training data-set. To attain the objective, iABC-AL framework incorporates category of application and active learning approaches. A total of 2325 iOS applications were evaluated. Empirical results demonstrate that the proposed approach achieves accuracy rate of 91.5% and increases precision of supervised approach by 14.5%.

Deskripsi Alternatif :

Do iOS applications breach privacy? With plethora of iOS applications available in market, most users are unaware of security risks they pose. This includes breach of user’s privacy by sharing personal and sensitive Smartphone data without user’s consent. Apple follows strict code signing procedure to ensure that applications are developed from trusted enterprises. However, past malware attacks on iOS devices have demonstrated that there is lack of protection from permission misuse by applications. While machine learning approaches offer promising results in detecting such malicious applications for Android operating system, there has been minimal research in extending them to iOS platform due to unavailability of labeled data-sets. In this study, we propose iABC-AL (iOS Application analyzer and Behavior Classifier using Active Learning), a framework to detect malicious iOS applications. The objective of iABC-AL is to protect permission induced user’s privacy risks by (i) maximizing precision of machine learning based classification models and (ii) minimize requirement of labeled training data-set. To attain the objective, iABC-AL framework incorporates category of application and active learning approaches. A total of 2325 iOS applications were evaluated. Empirical results demonstrate that the proposed approach achieves accuracy rate of 91.5% and increases precision of supervised approach by 14.5%.

Beri Komentar ?#(0) | Bookmark

Properti	Nilai Properti
ID Publisher	gdlhub
Organisasi	King Saud University
Nama Kontak	Herti Yani, S.Kom
Alamat	Jln. Jenderal Sudirman
Kota	Jambi
Daerah	Jambi
Negara	Indonesia
Telepon	0741-35095
Fax	0741-35093
E-mail Administrator	elibrarystikom@gmail.com
E-mail CKO	elibrarystikom@gmail.com