Chris Gates - Purdue University
Feb 06, 2013
Download: MP4 Video
Watch in your Browser
Watch on YouTube
One of Android's main defense mechanisms against malicious apps is a risk communication mechanism which, before a user installs an app, warns the user about the permissions the app requires, trusting that the user will make the right decision. This approach has been shown to be ineffective as it presents the risk information of each app in a “stand-alone” fashion and in a way that requires too much technical knowledge and time to distill useful information.
We introduce the notion of risk scoring and risk ranking for Android apps, to improve risk communication for Android apps, and identify three desiderata for an effective risk scoring scheme. We propose to use probabilistic generative models for risk scoring schemes, and identify several such models, ranging from the simple Naive Bayes, to advanced hierarchical mixture models. Experimental results conducted using real-world datasets show that probabilistic generative models significantly outperform existing approaches, and that Naive Bayes models give a promising risk scoring approach.
About the Speaker
Christopher Gates is a PhD student in the Computer Science department of Purdue University and a member of CERIAS. He received his Masters Degree in Computer Science in 2005 from Rutgers University, and then worked at a startup company in NYC before deciding to pursue his PhD. His research interests are in information security and machine learning. In particular, his research focuses on using data to help users make more informed and safer security decisions. His research advisor is Prof. Ninghui Li.
Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M.
STEW G52 (Suite 050B), West Lafayette Campus. More information...