Cost-Sensitive Detection of Malicious Applications in Mobile Devices

Mobile phones have become a primary communication device nowadays. In order to maintain proper functionality, various existing security solutions are being integrated into mobile devices. Some of the more sophisticated solutions, such as host-based intrusion detection systems (HIDS) are based on continuously monitoring many parameters in the device such as CPU and memory consumption. Since the continuous monitoring of many parameters consumes considerable computational resources it is necessary to reduce consumption in order to efficiently use HIDS. One way to achieve this is to collect less parameters by means of cost-sensitive feature selection techniques. In this study, we evaluate ProCASH, a new cost-sensitive feature selection algorithm which considers resources consumption, misclassification costs and feature grouping. ProCASH was evaluated on an Android-based mobile device. The data mining task was to distinguish between benign and malicious applications. The evaluation demonstrated the effectiveness of ProCASH compared to other cost sensitive algorithms.