• International Journal of Computer Science & Network Security
• /
• v.21 no.6
• /
• pp.286-293
• /
• 2021

Recently, the quick development rate of apps in the Android platform has led to an accelerated increment in creating malware applications by cyber attackers. Numerous Android malware detection tools have utilized conventional signature-based approaches to detect malware apps. However, these conventional strategies can't identify the latest apps on whether applications are malware or not. Many new malware apps are periodically discovered but not all malware Apps can be accurately detected. Hence, there is a need to propose intelligent approaches that are able to detect the newly developed Android malware applications. In this study, Radial Basis Function (RBF) networks are trained using known Android applications and then used to detect the latest and new Android malware applications. Initially, the optimal permission features of Android apps are selected using Information Gain Ratio (IGR). Appropriately, the features selected by IGR are utilized to train the RBF networks in order to detect effectively the new Android malware apps. The empirical results showed that RBF achieved the best detection accuracy (97.20%) among other common machine learning techniques. Furthermore, RBF accomplished the best detection results in most of the other measures.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.6
• /
• pp.2188-2203
• /
• 2021

With the rapid development of mobile Internet, smart phones have been widely popularized, among which Android platform dominates. Due to it is open source, malware on the Android platform is rampant. In order to improve the efficiency of malware detection, this paper proposes deep learning Android malicious detection system based on behavior features. First of all, the detection system adopts the static analysis method to extract different types of behavior features from Android applications, and extract sensitive behavior features through Term frequency-inverse Document Frequency algorithm for each extracted behavior feature to construct detection features through unified abstract expression. Secondly, Long Short-Term Memory neural network model is established to select and learn from the extracted attributes and the learned attributes are used to detect Android malicious applications, Analysis and further optimization of the application behavior parameters, so as to build a deep learning Android malicious detection method based on feature analysis. We use different types of features to evaluate our method and compare it with various machine learning-based methods. Study shows that it outperforms most existing machine learning based approaches and detects 95.31% of the malware.

• The KIPS Transactions:PartC
• /
• v.18C no.3
• /
• pp.151-156
• /
• 2011

Google Android, which is one of the popular smart phone platforms, employs a security model based on application permissions. This model intends to reduce security threats by protecting inappropriate accesses to system resources from applications, but this model has a few problems. First, permission requested by an application cannot be granted selectively. Second, once the permission has been granted it is maintained until the application is uninstalled. Third, applications may acquire powerful permissions through user ID sharing without any notice to users. In order to overcome these limitations, we designed and implemented a flexible application permission management scheme. The goal of our scheme is to enhance security and user convenience while keeping compatibility to original platform. We also verified the operation of our scheme with real applications on Android emulator.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.169-176
• /
• 2016

Android platform is designed to be user-friendly, yet sometimes its convenience introduces vulnerabilities that normal users cannot justify. In this paper, after making an overview of popular open source analysis tools for android applications, we point out the dangerous use of Permission Group in current Google Policy, and suggest a technique to mitigate the risks of privilege escalation that attackers are taking advantage of. By conducting the investigation of 21,064 malware samples, we conclude that the proposed technique is considered effective in detecting insecure application update, as well as giving users the heads-up in security awareness.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.5
• /
• pp.1173-1179
• /
• 2015

In this paper is given to implements the Android-based integration platform to provide convenience for gender development and scalability , easy access for the user. Sensor-based smart home-related products have a different way of the data exchange so platform can be integrated easily and connect heterogeneous network products and external data transmission security processing for data communication and supported to enable the integration

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.1
• /
• pp.67-80
• /
• 2012

Recently as the number of smartphone user is growing rapidly, android is also getting more interest in digital forensic. However, there is not enough research on digital data acquisition and analysis based on android platform's unique characteristics so far. Android system stores all the related recent systemwide logs from the system components to applications in volatile memory, and therefore, the logs can potentially serve as important evidences. In this paper, we propose a digital data acquisition and analysis system for android which extracts meaningful information based on the correlation of android logs and user activities from a device at runtime. We also present an efficient search scheme to facilitate realtime analysis on site. Finally, we demonstrate how the proposed system can be used to reconstruct the sequence of user activities in a more intuitive manner, and show that the proposed search scheme can reduce overall search and analysis time approximately 10 times shorter than the normal regular search method.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.2
• /
• pp.115-120
• /
• 2013

Recently, Virtualization technology is moving the desktop environment from its place a mobile platform environment, personal and businesses, academia, and lacked security and in a team environment brought about many changes are coming. In this environment, a representative of VMware's MVP solution and Enterporid Divide. But, another issue is that these mobile virtualization technologies in an environment of limited resources and performance constraints, have become its application virtualization technology to improve the weaknesses of the mobile platform. In this paper, proposed for client-based desktop application virtualization infrastructure, bring it to the Android environment, weaknesses of the existing paper was user area limitations of the desktop environment with application virtualization, program execution android application virtualization launcher was improved through increased resource allocation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.3
• /
• pp.499-505
• /
• 2014

According to the increasing use of smart devices such as smart phones and tablets, the service that targets mobile office, finance and e-government for convenience of usage and productivity has emerged significantly. As a result, important information is treated with the smart devices and also, the malicious activity that targets smart devices is increasing steadily. In particular, the damage case by harmful sites, malware distribution sites and phishing sites that targets smart devices has occurred steadily and it has emerged as a social issue. In the case of smart devices, the Android platform is occupied the 90% in Korea, 2013 therefore the method of device block level is required to resolve the social issues of smart devices. In this paper, we propose a method that can be effectively blocked when you try to access an illegal site to Web browser on the Android platform and develop the application and also analyze the wrong site block function.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.4
• /
• pp.2180-2197
• /
• 2019

With the proliferation of the Android malicious applications, malware becomes more capable of hiding or confusing its malicious intent through the use of code obfuscation, which has significantly weaken the effectiveness of the conventional defense mechanisms. Therefore, in order to effectively detect unknown malicious applications on the Android platform, we propose DroidVecDeep, an Android malware detection method using deep learning technique. First, we extract various features and rank them using Mean Decrease Impurity. Second, we transform the features into compact vectors based on word2vec. Finally, we train the classifier based on deep learning model. A comprehensive experimental study on a real sample collection was performed to compare various malware detection approaches. Experimental results demonstrate that the proposed method outperforms other Android malware detection techniques.

• Journal of Korea Multimedia Society
• /
• v.20 no.2
• /
• pp.234-243
• /
• 2017

With the development of smartphone technologies enable photoplethysmogram (PPG) acquisition by camera and heart rate (HR) measurement. This papers presents improved algorithm to extract HR from PPG signal recorded by smartphone camera and to develop real-time PPG signal processing Android application. 400 video samples recorded by Samsung smartphone camera are imported as input data for further processing and evaluating algorithm on MATLAB. An optimized algorithm is developed and tested on Android platform with different kind of Samsung smartphones. To assess algorithm's performance, medical device Beurer BC08 is used as reference. According to related works, accuracy parameters includes 90% number of samples that has relative errors less than 5%, Person correlation (r) more than 0.9, and standard estimated error (SEE) less than 5 beats-per-minutes (bpm).