Developing secured Android applications by mitigating code vulnerabilities with machine learning
Conference poster
Senanayake, J., Kalutarage, H., Al-Kadri, M., Petrovski, A. and Piras, L. 2022. Developing secured Android applications by mitigating code vulnerabilities with machine learning. ACM Asia Conference on Computer and Communications Security (ASIA CCS '22). Nagasaki, Japan 30 May - 03 Jun 2022 Association for Computing Machinery (ACM). pp. 1255–1257 https://doi.org/10.1145/3488932.3527290
Type | Conference poster |
---|---|
Title | Developing secured Android applications by mitigating code vulnerabilities with machine learning |
Authors | Senanayake, J., Kalutarage, H., Al-Kadri, M., Petrovski, A. and Piras, L. |
Abstract | Mobile application developers sometimes might not be serious about source code security and publish apps to the marketplaces. Therefore, it is essential to have a fully automated security solutions generator to integrate security-by-design into the development practices, especially for the Android platform. This research proposes a Machine Learning (ML) based highly accurate method to detect Android source code vulnerabilities. A new labelled dataset containing Android source code vulnerability samples was generated initially. The dataset was used to train binary and multi-class classification based ML models, to identify code issues by following a static analysis approach. The proposed model can detect code vulnerabilities with a 0.90 F1-Score and vulnerability categories (CWE) with a 0.96 F1-Score. By integrating this with the Android development environment, app developers can analyse source code and identify security vulnerabilities in real-time. The proposed framework can be extended to suggest suitable patches to overcome the source code issues by providing real-time fixes in future. |
Keywords | android; code vulnerability detection; static analysis; vulnerability dataset; machine learning; secure mobile apps |
Sustainable Development Goals | 9 Industry, innovation and infrastructure |
Middlesex University Theme | Creativity, Culture & Enterprise |
Conference | ACM Asia Conference on Computer and Communications Security (ASIA CCS '22) |
Page range | 1255–1257 |
Proceedings Title | ASIA CCS '22: Proceedings of the 2022 ACM on Asia Conference on Computer and Communications Security |
ISSN | 9781450391405 |
Publisher | Association for Computing Machinery (ACM) |
Publication dates | |
30 May 2022 | |
Publication process dates | |
Accepted | 11 Mar 2022 |
Deposited | 02 May 2024 |
Output status | Published |
Digital Object Identifier (DOI) | https://doi.org/10.1145/3488932.3527290 |
Web of Science identifier | WOS:000937026200103 |
Language | English |
https://repository.mdx.ac.uk/item/8v3y3
41
total views0
total downloads3
views this month0
downloads this month