PUA detection based on bundle installer characteristics

Amir Lukach, Ehud Gudes, Asaf Shabtai

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Many applications, such as download managers, antivirus, backup utilities, and Web browsers, are distributed freely via popular download sites in an attempt to increase the application’s user base. When such applications also include functionalities which are added as a means of monetizing the applications and may cause inconvenience to the user or compromise the user’s privacy, they are referred to as potentially unwanted applications (PUAs). Commonly used methods for detecting malicious software cannot be applied to detect PUAs, since they have a high degree of similarity to benign applications and require user interaction for installation. Previous research aimed at detecting PUAs has relied mainly on the use of a sandbox to monitor the behavior of installed applications, however, the methods suggested had limited accuracy. In this study, we propose a machine learning-based method for detecting PUAs. Our approach can be applied on the target endpoint directly and thus can provide protection against PUAs in real-time.

Original languageEnglish
Title of host publicationData and Applications Security and Privacy - 34th Annual IFIP WG 11.3 Conference, DBSec 2020, Proceedings
EditorsAnoop Singhal, Jaideep Vaidya
PublisherSpringer
Pages261-273
Number of pages13
ISBN (Print)9783030496685
DOIs
StatePublished - 1 Jan 2020
Event34th Annual IFIP WG11.3 Conference on Data and Applications Security and Privacy, DBSec 2020 - Regensburg, Germany
Duration: 25 Jun 202026 Jun 2020

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume12122 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference34th Annual IFIP WG11.3 Conference on Data and Applications Security and Privacy, DBSec 2020
Country/TerritoryGermany
CityRegensburg
Period25/06/2026/06/20

Keywords

  • Antivirus
  • Machine learning
  • Potentially unwanted applications

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science

Fingerprint

Dive into the research topics of 'PUA detection based on bundle installer characteristics'. Together they form a unique fingerprint.

Cite this