Adaptive Detection and Response System for Post-Installation Cyber Attacks on Smartphones

Abstract
Smartphone cyber-attacks are one of the major security threats of the present-day mobile computing era. Such attacks exploit the weaknesses that arise upon initial device configuration, and they tend to target users' sensitive data, system integrity and the functionality of the device. This paper presents post-installation attack vectors and their detection, together with a new Dynamic Security Assessment Framework (DSAF) that can be used to detect and mitigate the attacks in real time. The proposed method integrates behavior analysis, machine learning, and anomaly detection methods to detect suspicious post-installation activity. It uses two prominent algorithms, i.e., the Adaptive Threat Detection Algorithm (ATDA) and the Risk-Based Response Algorithm (RBRA). We have carried out an experimental study showing that our strategy reaches a detection accuracy of 94.7 percent, much higher than what current security solutions are capable of, with a false positive rate of 2.3 percent. The effectiveness of the framework is demonstrated through thorough testing on 1,500 smartphones of various platforms, in which 78 percent of post-installation intrusions are curbed using the framework, as compared to conventional security systems.
Keywords
Cyber attacks, Dynamic Security, Threat Detection, Smartphones, Post-installation attacks