Cost-Sensitive Detection of Malicious Applications in Mobile Devices

  • Yael Weiss
  • Yuval Fledel
  • Yuval Elovici
  • Lior Rokach
Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST, volume 76)


Mobile phones have become a primary communication device nowadays. In order to maintain proper functionality, various existing security solutions are being integrated into mobile devices. Some of the more sophisticated solutions, such as host-based intrusion detection systems (HIDS) are based on continuously monitoring many parameters in the device such as CPU and memory consumption. Since the continuous monitoring of many parameters consumes considerable computational resources it is necessary to reduce consumption in order to efficiently use HIDS. One way to achieve this is to collect less parameters by means of cost-sensitive feature selection techniques. In this study, we evaluate ProCASH, a new cost-sensitive feature selection algorithm which considers resources consumption, misclassification costs and feature grouping. ProCASH was evaluated on an Android-based mobile device. The data mining task was to distinguish between benign and malicious applications. The evaluation demonstrated the effectiveness of ProCASH compared to other cost sensitive algorithms.


Intrusion Detection Mobile Devices Malware Security Android sCost sensitive feature selection 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
  2. 2.
    Turney, P.D.: Types of Cost in Inductive Concept Learning. In: Proc. Workshop Cost-Sensitive Learning, 17th Int’l Conf. Machine Learning, pp. 15–21 (2000)Google Scholar
  3. 3.
    Turney, P.D.: Cost-Sensitive Classification: Empirical Evaluation of a Hybrid Genetic Decision Tree Induction Algorithm. J. Artificial Intelligence Research 2, 369–409 (1995)Google Scholar
  4. 4.
    Chai, X., Deng, L., Yang, Q., Ling, C.X.: Test-Cost Sensitive Naive Bayes Classification. In: Proc. 4th Int. Conf. Data Mining, pp. 51–58 (2004)Google Scholar
  5. 5.
    Ling, C.X., Yang, Q., Wang, J., Zhang, S.: Decision Trees with Minimal Costs. In: Proc. 21st Int. Conf. Machine Learning, p. 69 (2004)Google Scholar
  6. 6.
    Sheng, S., Ling, C.X., Yang, Q.: Simple Test Strategies for Cost-Sensitive Decision Trees. In: Proc. 16th European Conf. Machine Learning, pp. 365–376 (2005)Google Scholar
  7. 7.
    Ling, C.X., Sheng, V.S., Yang, Q.: Test Strategies for Cost-Sensitive Decision Trees. IEEE Transactions on Knowledge and Data Engineering 18(8), 1055–1067 (2006)CrossRefGoogle Scholar
  8. 8.
    Sheng, V.S., Ling, C.X., Ni, A., Zhang, S.: Cost-Sensitive Test Strategies. In: Proc. 21st Nat’l Conf. Artificial Intelligence (2006)Google Scholar
  9. 9.
    Sheng, S., Ling, C.X.: Hybrid Cost-Sensitive Decision Tree. In: Jorge, A.M., Torgo, L., Brazdil, P.B., Camacho, R., Gama, J. (eds.) PKDD 2005. LNCS (LNAI), vol. 3721, pp. 274–284. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  10. 10.
    Freitas, A., Costa-Pereira, A., Brazdil, P.B.: Cost-Sensitive Decision Trees Applied to Medical Data. In: Song, I.-Y., Eder, J., Nguyen, T.M. (eds.) DaWaK 2007. LNCS, vol. 4654, pp. 303–312. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  11. 11.
    Weiss, Y., Elovici, Y., Rokach, L.: The CASH Algorithm-Cost-Sensitive Attribute Selection using Histograms. Lecture Notes in information system engineering. Ben-Gurion University (2010)Google Scholar
  12. 12.
    Shabtai, A., Weiss, Y., Kanonov, U., Elovici, Y., Glezer, C.: “Andromaly”: An Anomaly Detection Framework for Android Devices. Lecture Notes in information system engineering Ben-Gurion University (2009)Google Scholar
  13. 13.
    Núñez, M.: The use of background knowledge in decision tree induction. Machine Learning 6, 231–250 (1991)Google Scholar
  14. 14.
    Tan, M., Schlimmer, J.: Cost-sensitive concept learning of sensor use in approach and recognition. In: Proceedings of the Sixth International Workshop on Machine Learning, ML 1989, pp. 392–395 (1989)Google Scholar
  15. 15.
    Tan, M.: Cost-sensitive learning of classification knowledge and its applications in robotics. Machine Learning 13, 7–33 (1993)Google Scholar
  16. 16.
    Frank, E., Hall, M.A., Holmes, G., Kirkby, R., Pfahringer, B., Witten, I.H.: Weka: A machine learning workbench for data mining. In: Maimon, O.Z., Rokach, L. (eds.) Data Mining and Knowledge Discovery Handbook. Springer, Heidelberg (2005)Google Scholar
  17. 17.
    Quinlan, J.: C4.5: Programs for machine learning. Morgan Kaufmann, San Francisco (1993)Google Scholar
  18. 18.
    Domingos, P.: MetaCost: A general method for making classifiers cost-sensitive. In: Proceedings of the Fifth International Conference on Knowledge Discovery and Data Mining, pp. 155–164 (1999)Google Scholar
  19. 19.
    Botha, R.A., Furnell, S.M., Clarke, N.L.: From desktop to mobile: Examining the security experience. Computer & Security 28, 130–137 (2009)CrossRefGoogle Scholar
  20. 20.
    Demšar, J.: Statistical comparison of classifiers over multiple data sets. Journal of Machine Learning Research 7, 1–30 (2006)MathSciNetzbMATHGoogle Scholar

Copyright information

© ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering 2012

Authors and Affiliations

  • Yael Weiss
    • 1
    • 2
  • Yuval Fledel
    • 1
    • 2
  • Yuval Elovici
    • 1
    • 2
  • Lior Rokach
    • 1
    • 2
  1. 1.Department of Information Systems EngineeringBen-Gurion University of the NegevBe’er ShevaIsrael
  2. 2.Duetsche Telekom LaboratoriesBen-Gurion UniversityIsrael

Personalised recommendations