Cost-sensitive detection of malicious applications in mobile devices

Yael Weiss; Yuval Fledel; Yuval Elovici; Lior Rokach

doi:https://doi.org/10.1007/978-3-642-29336-8_27

Cost-sensitive detection of malicious applications in mobile devices

Yael Weiss, Yuval Fledel, Yuval Elovici, Lior Rokach

Department of Software and Information Systems Engineering

Ben-Gurion University of the Negev

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Mobile phones have become a primary communication device nowadays. In order to maintain proper functionality, various existing security solutions are being integrated into mobile devices. Some of the more sophisticated solutions, such as host-based intrusion detection systems (HIDS) are based on continuously monitoring many parameters in the device such as CPU and memory consumption. Since the continuous monitoring of many parameters consumes considerable computational resources it is necessary to reduce consumption in order to efficiently use HIDS. One way to achieve this is to collect less parameters by means of cost-sensitive feature selection techniques. In this study, we evaluate ProCASH, a new cost-sensitive feature selection algorithm which considers resources consumption, misclassification costs and feature grouping. ProCASH was evaluated on an Android-based mobile device. The data mining task was to distinguish between benign and malicious applications. The evaluation demonstrated the effectiveness of ProCASH compared to other cost sensitive algorithms.

Original language	American English
Title of host publication	Mobile Computing, Applications, and Services - 2nd International ICST Conference, MobiCASE 2010, Revised Selected Papers
Editors	Martin Griss, Guang Yang
Place of Publication	Berlin, Heidelberg
Publisher	Springer Verlag
Pages	382-395
Number of pages	14
ISBN (Electronic)	978-3-642-29336-8
ISBN (Print)	978-3-642-29335-1
DOIs	https://doi.org/10.1007/978-3-642-29336-8_27
State	Published - 1 Jan 2012
Event	2nd International Conference on Mobile Computing, Applications, and Services, MobiCASE 2010 - Santa Clara, United States Duration: 25 Oct 2010 → 28 Oct 2010

Publication series

Name	Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST
Volume	76 LNICST

Conference

Conference	2nd International Conference on Mobile Computing, Applications, and Services, MobiCASE 2010
Country/Territory	United States
City	Santa Clara
Period	25/10/10 → 28/10/10

Keywords

Android
Intrusion detection
Malware
Mobile devices
Security
sCost sensitive feature selection

All Science Journal Classification (ASJC) codes

Computer Networks and Communications

Access to Document

https://doi.org/10.1007/978-3-642-29336-8_27

Cite this

Weiss, Y., Fledel, Y., Elovici, Y., & Rokach, L. (2012). Cost-sensitive detection of malicious applications in mobile devices. In M. Griss, & G. Yang (Eds.), Mobile Computing, Applications, and Services - 2nd International ICST Conference, MobiCASE 2010, Revised Selected Papers (pp. 382-395). (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST; Vol. 76 LNICST). Springer Verlag. https://doi.org/10.1007/978-3-642-29336-8_27

Weiss, Yael ; Fledel, Yuval ; Elovici, Yuval et al. / Cost-sensitive detection of malicious applications in mobile devices. Mobile Computing, Applications, and Services - 2nd International ICST Conference, MobiCASE 2010, Revised Selected Papers. editor / Martin Griss ; Guang Yang. Berlin, Heidelberg : Springer Verlag, 2012. pp. 382-395 (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST).

@inproceedings{7a3ca0713f9a4c6e9e4209a13a8d540a,

title = "Cost-sensitive detection of malicious applications in mobile devices",

abstract = "Mobile phones have become a primary communication device nowadays. In order to maintain proper functionality, various existing security solutions are being integrated into mobile devices. Some of the more sophisticated solutions, such as host-based intrusion detection systems (HIDS) are based on continuously monitoring many parameters in the device such as CPU and memory consumption. Since the continuous monitoring of many parameters consumes considerable computational resources it is necessary to reduce consumption in order to efficiently use HIDS. One way to achieve this is to collect less parameters by means of cost-sensitive feature selection techniques. In this study, we evaluate ProCASH, a new cost-sensitive feature selection algorithm which considers resources consumption, misclassification costs and feature grouping. ProCASH was evaluated on an Android-based mobile device. The data mining task was to distinguish between benign and malicious applications. The evaluation demonstrated the effectiveness of ProCASH compared to other cost sensitive algorithms.",

keywords = "Android, Intrusion detection, Malware, Mobile devices, Security, sCost sensitive feature selection",

author = "Yael Weiss and Yuval Fledel and Yuval Elovici and Lior Rokach",

note = "Publisher Copyright: {\textcopyright} Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2012.; 2nd International Conference on Mobile Computing, Applications, and Services, MobiCASE 2010 ; Conference date: 25-10-2010 Through 28-10-2010",

year = "2012",

month = jan,

day = "1",

doi = "https://doi.org/10.1007/978-3-642-29336-8_27",

language = "American English",

isbn = "978-3-642-29335-1",

series = "Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST",

publisher = "Springer Verlag",

pages = "382--395",

editor = "Martin Griss and Guang Yang",

booktitle = "Mobile Computing, Applications, and Services - 2nd International ICST Conference, MobiCASE 2010, Revised Selected Papers",

address = "Germany",

}

Weiss, Y, Fledel, Y, Elovici, Y & Rokach, L 2012, Cost-sensitive detection of malicious applications in mobile devices. in M Griss & G Yang (eds), Mobile Computing, Applications, and Services - 2nd International ICST Conference, MobiCASE 2010, Revised Selected Papers. Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST, vol. 76 LNICST, Springer Verlag, Berlin, Heidelberg, pp. 382-395, 2nd International Conference on Mobile Computing, Applications, and Services, MobiCASE 2010, Santa Clara, United States, 25/10/10. https://doi.org/10.1007/978-3-642-29336-8_27

Cost-sensitive detection of malicious applications in mobile devices. / Weiss, Yael; Fledel, Yuval; Elovici, Yuval et al.
Mobile Computing, Applications, and Services - 2nd International ICST Conference, MobiCASE 2010, Revised Selected Papers. ed. / Martin Griss; Guang Yang. Berlin, Heidelberg: Springer Verlag, 2012. p. 382-395 (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST; Vol. 76 LNICST).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Cost-sensitive detection of malicious applications in mobile devices

AU - Weiss, Yael

AU - Fledel, Yuval

AU - Elovici, Yuval

AU - Rokach, Lior

N1 - Publisher Copyright: © Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2012.

PY - 2012/1/1

Y1 - 2012/1/1

N2 - Mobile phones have become a primary communication device nowadays. In order to maintain proper functionality, various existing security solutions are being integrated into mobile devices. Some of the more sophisticated solutions, such as host-based intrusion detection systems (HIDS) are based on continuously monitoring many parameters in the device such as CPU and memory consumption. Since the continuous monitoring of many parameters consumes considerable computational resources it is necessary to reduce consumption in order to efficiently use HIDS. One way to achieve this is to collect less parameters by means of cost-sensitive feature selection techniques. In this study, we evaluate ProCASH, a new cost-sensitive feature selection algorithm which considers resources consumption, misclassification costs and feature grouping. ProCASH was evaluated on an Android-based mobile device. The data mining task was to distinguish between benign and malicious applications. The evaluation demonstrated the effectiveness of ProCASH compared to other cost sensitive algorithms.

AB - Mobile phones have become a primary communication device nowadays. In order to maintain proper functionality, various existing security solutions are being integrated into mobile devices. Some of the more sophisticated solutions, such as host-based intrusion detection systems (HIDS) are based on continuously monitoring many parameters in the device such as CPU and memory consumption. Since the continuous monitoring of many parameters consumes considerable computational resources it is necessary to reduce consumption in order to efficiently use HIDS. One way to achieve this is to collect less parameters by means of cost-sensitive feature selection techniques. In this study, we evaluate ProCASH, a new cost-sensitive feature selection algorithm which considers resources consumption, misclassification costs and feature grouping. ProCASH was evaluated on an Android-based mobile device. The data mining task was to distinguish between benign and malicious applications. The evaluation demonstrated the effectiveness of ProCASH compared to other cost sensitive algorithms.

KW - Android

KW - Intrusion detection

KW - Malware

KW - Mobile devices

KW - Security

KW - sCost sensitive feature selection

UR - http://www.scopus.com/inward/record.url?scp=84984612834&partnerID=8YFLogxK

U2 - https://doi.org/10.1007/978-3-642-29336-8_27

DO - https://doi.org/10.1007/978-3-642-29336-8_27

M3 - Conference contribution

SN - 978-3-642-29335-1

T3 - Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST

SP - 382

EP - 395

BT - Mobile Computing, Applications, and Services - 2nd International ICST Conference, MobiCASE 2010, Revised Selected Papers

A2 - Griss, Martin

A2 - Yang, Guang

PB - Springer Verlag

CY - Berlin, Heidelberg

T2 - 2nd International Conference on Mobile Computing, Applications, and Services, MobiCASE 2010

Y2 - 25 October 2010 through 28 October 2010

ER -

Weiss Y, Fledel Y, Elovici Y , Rokach L. Cost-sensitive detection of malicious applications in mobile devices. In Griss M, Yang G, editors, Mobile Computing, Applications, and Services - 2nd International ICST Conference, MobiCASE 2010, Revised Selected Papers. Berlin, Heidelberg: Springer Verlag. 2012. p. 382-395. (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST). doi: https://doi.org/10.1007/978-3-642-29336-8_27

Cost-sensitive detection of malicious applications in mobile devices

Abstract

Publication series

Conference

Keywords

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this