Android Application Risk Indicator Based on Feature Analysis Utilizing Machine Learning

As the penetration rate of smart mobile devices has increased, threats targeting the Android platform, which accounts for the majority of mobile operating systems, have increased. As a typical example, a fake Korea Financial Supervisory Service application(app) appeared at the end of 2017. When users installed this app and called the Financial Supervisory Service, there was a case of fake loan consultation, which resulted in financial loss and leakage of personal information. There have been a variety of malicious apps targeting mobile devices. As a result, it became necessary to detect the risks to such malicious apps and to make decisions about the apps. In this paper, we created a model to evaluate the risk of apps in Android and define the characteristics of each element. In addition, the risk from the model is used to make a risk map for decision making using unsupervised algorithms. To make the risk map in this paper uses the data of 2970 apps that is malicious or benign. As a result of the experiment, some of the benign apps were classified as very high risk. They had a lot of high-risk permissions, and there was a need for users to be careful. The results of this study can help users know the exact risk of Android apps and help detect unknown malicious apps.