Behavioral Analysis based on Dynamic Detection of Anomalies in Mobile Device Activity with Machine Learning

TASCIOGLU, AYCA BEGUM
2021/2022

Abstract

As the popularity of mobile end devices grows exponentially, the number of malicious activities directed against them has also surged. People use their mobile devices to send, receive, and store data, so vulnerabilities in the handling of sensitive information are critical. To detect malicious behavior on mobile devices, research on anomaly detection mechanisms has followed different approaches; these studies addressed the static and dynamic levels of anomaly detection separately. For static analysis, permissions and manifest files were inspected [1]; for dynamic analysis, API usage, system calls, and network-level traffic were inspected [2]. This thesis aims to find an efficient way to detect anomalies using memory usage data. For this purpose, data analysis and Machine Learning algorithms are investigated. While detecting anomalies, it was observed that most of the selected unsupervised learning algorithms require evenly distributed time-series data, which means that continuous behavior is required. However, since the experiment was based on real-world data, it became clear that for some hours no samples were tracked. In order to adopt an adequate algorithm, anomaly detection on data with missing values is also covered in this paper.
2021
Machine Learning
Anomaly detection
Behavioral Analysis
Mobile security
Files in this item:
File: Tascioglu_AycaBegum.pdf (restricted access)
Size: 1.64 MB
Format: Adobe PDF

The text of this website © Università degli studi di Padova. Full texts are published under a non-exclusive license. Metadata are under a CC0 license.

Use this identifier to cite or link to this document: https://hdl.handle.net/20.500.12608/31589