Discovering communities of malapps on Android-based mobile cyber-physical systems

Dan Su, Jiqiang Liu, Wei Wang, Xiaoyang Wang, Xiaojiang Du, Mohsen Guizani

Research output: Contribution to journalArticlepeer-review

14 Scopus citations

Abstract

Android-based devices like smartphones have become ideal mobile cyber-physical systems (MCPS) due to their powerful processors and variety of sensors. In recent years, an explosively and continuously growing number of malicious applications (malapps) have posed a great threat to Android-based MCPS as well as users’ privacy. The effective detection of malapps is an emerging yet crucial task. How to establish relationships among malapps, discover their potential communities, and explore their evolution process has become a challenging issue in effective detection of malapps. To deal with this issue, in this work, we are motivated to propose an automated community detection method for Android malapps by building a relation graph based on their static features. First, we construct a large feature set to profile the behaviors of malapps. Second, we propose an E-N algorithm for graph construction by combining epsilon graph and k-nearest neighbor (k-NN) graph. It solves the problem of an incomplete graph led by epsilon method and the problem of noise generated by k-NN graph. Finally, a community detection method, Infomap, is employed to explore the underlying structures of the relation graph, and obtain the communities of malapps. We evaluate our community detection method with 3996 malapp samples. Extensive experimental results show that our method outperforms the traditional clustering methods and achieves the best performance with rand statistic of 94.93% and accuracy of 79.53%.

Original languageEnglish
Pages (from-to)104-115
Number of pages12
JournalAd Hoc Networks
Volume80
DOIs
StatePublished - Nov 2018

Keywords

  • Android
  • Community discovery
  • Malapp classification
  • Mobile cyber-physical system

Fingerprint

Dive into the research topics of 'Discovering communities of malapps on Android-based mobile cyber-physical systems'. Together they form a unique fingerprint.

Cite this