PUA Detection Based on Bundle Installer Characteristics - Data and Applications Security and Privacy XXXIV
Conference Papers Year : 2020

PUA Detection Based on Bundle Installer Characteristics

Amir Lukach
  • Function : Author
  • PersonId : 1100414
Asaf Shabtai
  • Function : Author
  • PersonId : 1100415

Abstract

Many applications, such as download managers, antivirus, backup utilities, and Web browsers, are distributed freely via popular download sites in an attempt to increase the application’s user base. When such applications also include functionalities which are added as a means of monetizing the applications and may cause inconvenience to the user or compromise the user’s privacy, they are referred to as potentially unwanted applications (PUAs). Commonly used methods for detecting malicious software cannot be applied to detect PUAs, since they have a high degree of similarity to benign applications and require user interaction for installation. Previous research aimed at detecting PUAs has relied mainly on the use of a sandbox to monitor the behavior of installed applications, however, the methods suggested had limited accuracy. In this study, we propose a machine learning-based method for detecting PUAs. Our approach can be applied on the target endpoint directly and thus can provide protection against PUAs in real-time.
Fichier principal
Vignette du fichier
496047_1_En_15_Chapter.pdf (252.78 Ko) Télécharger le fichier
Origin Files produced by the author(s)

Dates and versions

hal-03243639 , version 1 (31-05-2021)

Licence

Identifiers

Cite

Amir Lukach, Ehud Gudes, Asaf Shabtai. PUA Detection Based on Bundle Installer Characteristics. 34th IFIP Annual Conference on Data and Applications Security and Privacy (DBSec), Jun 2020, Regensburg, Germany. pp.261-273, ⟨10.1007/978-3-030-49669-2_15⟩. ⟨hal-03243639⟩
94 View
50 Download

Altmetric

Share

More