Permission based malware detection analysis in Android applications


Thesis Type: Master's

Institution: Middle East Technical University, Informatics Institute, Department of Information Systems, Turkey

Thesis Approval Date: 2014

Student: UĞUR PEHLİVAN

Advisor: NAZİFE BAYKAL

Abstract:

Android mobile devices have developed very quickly over the past decade and have become widespread all over the world. Nowadays, many applications are available on application markets, and the number of Android applications grows along with their variety. Because of this fast development and wide variety, those applications may become very dangerous for the users of Android mobile devices. Some applications may carry out malicious activities such as novelty and amusement, selling user information, and stealing user credentials. For this reason, the detection of malicious Android applications has become very important in recent years for the security of mobile device users. In this study, the permissions required for the installation and running of Android applications were analyzed to determine the best-performing feature selection methods and classification algorithms for detecting malicious applications on Android mobile devices. Four feature selection methods, consisting of attribute-based and subset-based selection methods, were used to reduce the number of attributes and to increase the performance of the classification algorithms. The classification algorithms were chosen from the Bayesian, decision tree and SVM classification algorithms in order to compare the performance of different types of classification algorithms. Moreover, the effect of dataset size on the performance of the classification algorithms was investigated. The permissions were also analyzed according to their presence in malicious applications by using clustering analysis.