iSecVote: a lightweight multi-model and borda count-based voting framework for malicious iOS app detection
摘要
In the ever-evolving landscape of cyber security, detecting malicious iOS apps remains a critical challenge because of sophisticated threats and complexities in detecting over-privileged, malicious or benign apps in mobile environments. Smartphones have become an integral part of life as millions rely on them to store their personal and confidential data via different apps. As these apps proliferate and are deeply embedded in our daily activities, privacy concerns have escalated since they pose privacy risks to users by collecting their contextual and private data. The problem is multiplexed if the apps do not handle users ‘data by using encryption or sharing it with third-party advertisers. Both iOS and Android are the most prominently used mobile OS in terms of their users and follow a permission-based control policy where an app has to specify the user permission it requires during its usage. However, past attacks on information privacy on iOS/mobile users have demonstrated that these mechanisms are inadequate to safeguard user’s privacy. To combat this problem this research work proposes a light-weight iOS malware detection framework- iSecVote by combining multiple machine learning models along with the Borda count strategy. The framework integrates 3 distinct classifiers namely Decision tree, K-nearest neighbor (KNN), and Logistic regression, where each classifier strengthens the mal app detection process. The framework utilizes the Borda count technique to optimize the performance during app detection and maintain a high detection rate to aggregate prediction probabilities from the above models on a data set of 1150 iOS apps from 12 distinct iOS app categories. Based on the scores from the machine learning models, the Borda count technique effectively analyzes insights from models into a single robust decision. The proposed multi-model framework improved the detection accuracy and precision rate for classifying malicious iOS apps by a minimum of 5% to a maximum of 19% in different app categories. To demonstrate the efficiency of the proposed approach statistical tests have been employed.