Presenting A Method Based on Nearest Neighbors and Hamming Distance in Order to Identify Malicious Applications

Journal Title: Electronic and Cyber Defense - Year 2023, Vol 11, Issue 2

Abstract

Nowadays, Android-based devices such as smartphones, tablets, and, more recently, virtual reality headsets are increasingly used in our daily lives. Along with the development of software for these devices, intruders release new malicious applications that are more difficult to identify and deal with because they use more sophisticated methods. Although methods have been proposed to calculate security risk and identify malicious apps, the growing level and depth of these threats mean that new methods are still needed in this field. In this study, we present a new algorithm to calculate the security risk of Android apps, which can be used to distinguish malicious apps from benign ones. To estimate the security risk of an input app, the algorithm uses Hamming distance to determine separately its nearest neighbors among malicious apps and its nearest neighbors among normal apps. Then, based on the criteria presented in this article, the security risk of the unknown input app is computed. After implementing this algorithm and tuning the number-of-neighbors parameter with the help of real data, extensive experiments were conducted to evaluate the proposed method. In these experiments, the proposed method was compared with three previously known methods for detecting malicious apps, using four different datasets. The results show a higher detection rate for the proposed method in most cases.
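An added sketch of the per-class nearest-neighbor step described in the abstract; it is not the paper's code. Assumptions: apps are encoded as permission bit vectors (the `FEATURES` list is hypothetical), the sample apps are constructed, and the `risk_score` ratio is a stand-in because the paper's own criteria are not given on this page.

```python
from statistics import mean

# Hypothetical feature order: one bit per requested permission (an assumption;
# the abstract does not say which app features are used).
FEATURES = ["INTERNET", "READ_SMS", "SEND_SMS", "READ_CONTACTS",
            "RECEIVE_BOOT_COMPLETED", "CAMERA", "ACCESS_FINE_LOCATION", "VIBRATE"]

def encode(permissions):
    """Pack a set of permission names into an integer bit vector."""
    return sum(1 << i for i, name in enumerate(FEATURES) if name in permissions)

def hamming(a, b):
    """Number of feature positions where two bit vectors differ."""
    return bin(a ^ b).count("1")

def nearest_distances(x, pool, k):
    """Hamming distances from x to its k nearest neighbors in one class."""
    return sorted(hamming(x, p) for p in pool)[:k]

def risk_score(x, malicious, benign, k=3):
    """Stand-in criterion (assumed, not the paper's): share of total mean
    neighbor distance that lies on the benign side. Range 0..1; higher means
    x sits closer to known malware than to known benign apps."""
    d_mal = mean(nearest_distances(x, malicious, k))
    d_ben = mean(nearest_distances(x, benign, k))
    if d_mal + d_ben == 0:          # identical to samples of both classes
        return 0.5
    return d_ben / (d_mal + d_ben)

# Constructed sample data, not taken from any dataset in the paper.
MALICIOUS = [encode(s) for s in (
    {"INTERNET", "READ_SMS", "SEND_SMS", "RECEIVE_BOOT_COMPLETED"},
    {"INTERNET", "READ_SMS", "SEND_SMS", "READ_CONTACTS"},
    {"INTERNET", "SEND_SMS", "READ_CONTACTS", "RECEIVE_BOOT_COMPLETED"},
)]
BENIGN = [encode(s) for s in (
    {"INTERNET", "CAMERA"},
    {"INTERNET", "VIBRATE"},
    {"INTERNET", "ACCESS_FINE_LOCATION", "VIBRATE"},
)]

if __name__ == "__main__":
    unknown = encode({"INTERNET", "READ_SMS", "SEND_SMS"})
    print(f"risk = {risk_score(unknown, MALICIOUS, BENIGN):.3f}")
```

Searching each class separately keeps the score meaningful when the labelled sets are unbalanced, since a larger benign pool cannot crowd malicious samples out of the neighbor list.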

Authors and Affiliations

Mahmood Deypir

  • EP ID EP730062

How To Cite

Mahmood Deypir (2023). Presenting A Method Based on Nearest Neighbors and Hamming Distance in Order to Identify Malicious Applications. Electronic and Cyber Defense, 11(2), -. https://europub.co.uk/articles/-A-730062