TY - JOUR
T1 - Discovering communities of malapps on Android-based mobile cyber-physical systems
AU - Su, Dan
AU - Liu, Jiqiang
AU - Wang, Wei
AU - Wang, Xiaoyang
AU - Du, Xiaojiang
AU - Guizani, Mohsen
N1 - Publisher Copyright:
© 2018 Elsevier B.V.
PY - 2018/11
Y1 - 2018/11
N2 - Android-based devices like smartphones have become ideal mobile cyber-physical systems (MCPS) due to their powerful processors and variety of sensors. In recent years, an explosively and continuously growing number of malicious applications (malapps) have posed a great threat to Android-based MCPS as well as users’ privacy. The effective detection of malapps is an emerging yet crucial task. How to establish relationships among malapps, discover their potential communities, and explore their evolution process has become a challenging issue in effective detection of malapps. To deal with this issue, in this work, we are motivated to propose an automated community detection method for Android malapps by building a relation graph based on their static features. First, we construct a large feature set to profile the behaviors of malapps. Second, we propose an E-N algorithm for graph construction by combining epsilon graph and k-nearest neighbor (k-NN) graph. It solves the problem of an incomplete graph led by epsilon method and the problem of noise generated by k-NN graph. Finally, a community detection method, Infomap, is employed to explore the underlying structures of the relation graph, and obtain the communities of malapps. We evaluate our community detection method with 3996 malapp samples. Extensive experimental results show that our method outperforms the traditional clustering methods and achieves the best performance with rand statistic of 94.93% and accuracy of 79.53%.
AB - Android-based devices like smartphones have become ideal mobile cyber-physical systems (MCPS) due to their powerful processors and variety of sensors. In recent years, an explosively and continuously growing number of malicious applications (malapps) have posed a great threat to Android-based MCPS as well as users’ privacy. The effective detection of malapps is an emerging yet crucial task. How to establish relationships among malapps, discover their potential communities, and explore their evolution process has become a challenging issue in effective detection of malapps. To deal with this issue, in this work, we are motivated to propose an automated community detection method for Android malapps by building a relation graph based on their static features. First, we construct a large feature set to profile the behaviors of malapps. Second, we propose an E-N algorithm for graph construction by combining epsilon graph and k-nearest neighbor (k-NN) graph. It solves the problem of an incomplete graph led by epsilon method and the problem of noise generated by k-NN graph. Finally, a community detection method, Infomap, is employed to explore the underlying structures of the relation graph, and obtain the communities of malapps. We evaluate our community detection method with 3996 malapp samples. Extensive experimental results show that our method outperforms the traditional clustering methods and achieves the best performance with rand statistic of 94.93% and accuracy of 79.53%.
KW - Android
KW - Community discovery
KW - Malapp classification
KW - Mobile cyber-physical system
UR - http://www.scopus.com/inward/record.url?scp=85050383685&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85050383685&partnerID=8YFLogxK
U2 - 10.1016/j.adhoc.2018.07.015
DO - 10.1016/j.adhoc.2018.07.015
M3 - Article
AN - SCOPUS:85050383685
SN - 1570-8705
VL - 80
SP - 104
EP - 115
JO - Ad Hoc Networks
JF - Ad Hoc Networks
ER -