%0 Conference Proceedings
%T PUA Detection Based on Bundle Installer Characteristics
%+ The Open University of Israel
%+ Ben-Gurion University of the Negev (BGU)
%A Lukach, Amir
%A Gudes, Ehud
%A Shabtai, Asaf
%Z Part 4: Visualization and Analytics for Security
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 34th IFIP Annual Conference on Data and Applications Security and Privacy (DBSec)
%C Regensburg, Germany
%Y Anoop Singhal
%Y Jaideep Vaidya
%I Springer International Publishing
%3 Data and Applications Security and Privacy XXXIV
%V LNCS-12122
%P 261-273
%8 2020-06-25
%D 2020
%R 10.1007/978-3-030-49669-2_15
%K Potentially unwanted applications
%K Machine learning
%K Antivirus
%Z Computer Science [cs]Conference papers
%X Many applications, such as download managers, antivirus, backup utilities, and Web browsers, are distributed freely via popular download sites in an attempt to increase the application’s user base. When such applications also include functionalities which are added as a means of monetizing the applications and may cause inconvenience to the user or compromise the user’s privacy, they are referred to as potentially unwanted applications (PUAs). Commonly used methods for detecting malicious software cannot be applied to detect PUAs, since they have a high degree of similarity to benign applications and require user interaction for installation. Previous research aimed at detecting PUAs has relied mainly on the use of a sandbox to monitor the behavior of installed applications, however, the methods suggested had limited accuracy. In this study, we propose a machine learning-based method for detecting PUAs. Our approach can be applied on the target endpoint directly and thus can provide protection against PUAs in real-time.
%G English
%Z TC 11
%Z WG 11.3
%2 https://inria.hal.science/hal-03243639/document
%2 https://inria.hal.science/hal-03243639/file/496047_1_En_15_Chapter.pdf
%L hal-03243639
%U https://inria.hal.science/hal-03243639
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-WG11-3
%~ IFIP-DBSEC
%~ IFIP-LNCS-12122