Presenting A Method Based on Nearest Neighbors and Hamming Distance in Order to Identify Malicious Applications

Journal Title: Electronic and Cyber Defense - Year 2023, Vol 11, Issue 2

Abstract

Nowadays, Android-based devices such as smart phones, tablets, and recently virtual reality headsets have found increasing usage in our daily lives. Along with the development of software for these devices, new malicious applications are released by intruders, which are more difficult to identify and deal with because they use more sophisticated methods. Although methods have been provided to calculate the security risk and identify malicious apps, but with the expansion of the level and depth of their threats, the need for new methods in this field is still required. In this study, we have presented a new algorithm to calculate the security risk of Android apps, which can be used to identify malicious apps from benign ones. In this algorithm, to estimate the security risk of an input app, the nearest neighbors of the type of malicious apps and the nearest neighbors of the type of normal apps are determined separately using Hamming distance. Then, based on the criteria presented in this article, the security risk of an unknown input app can be computed. After implementing this algorithm and adjusting the parameter of the number of neighbors with the help of real data, extensive various experiments were conducted in order to evaluate the proposed method. In these experiments, the proposed method was compared with three previously known methods in the context of detecting malicious apps, using four different datasets. The results show the higher detection rate of the proposed method in most cases.

Authors and Affiliations

Mahmood Deypir

Keywords

Related Articles

A method for quantitative evaluation of security risk in cyber-physical systems

Cyber-physical systems were introduced with the introduction of the cyber sector into physical systems and the emergence of Industry 4.0. Although the main purpose of this combination has been to increase the efficiency,...

A way to predict the stock price of the Tehran Stock Exchange in relation to knowledge

In recent years, due to the profitability of the stock market in Iran, small and large investments were attracted to this market, but unfortunately, due to their lack of knowledge of the stock market and price forecastin...

Developing a Threat-Tolerability Bilateral Concept within a Differential Game for the Analysis of the Insider/Adversary Behavior in Operational environment

Threat-tolerability as an innovative bilateral concept that focuses on the analysis of insider/adversary behavior is proposed. A zero sum differential game is designed to model the interaction between the two introduced...

A Trust Evaluation Model for Cloud Computing Using Bayesian Network

In recent years, cloud computing has attracted much attention as a new computing model for providing infrastructure, platform, and software as a service. There is an important challenge in trust management between cloud...

Analysis of exchange market disruptors using graph-based social network analysis

Today, increasing the science and technology and the communication technologies, especially in cyberspace, however physically act have become interact with cyberspace has caused a more significant effect on the culture a...

Download PDF file
  • EP ID EP730062
  • DOI -
  • Views 49
  • Downloads 0

How To Cite

Mahmood Deypir (2023). Presenting A Method Based on Nearest Neighbors and Hamming Distance in Order to Identify Malicious Applications. Electronic and Cyber Defense, 11(2), -. https://europub.co.uk/articles/-A-730062