iABC: Towards a hybrid framework for analyzing and classifying behaviour of iOS applications using static and dynamic analysis

Is this app safe to use? - A wrong decision can result in privacy breach in iOS devices. In this digital era users extensively use smart devices to store their personal and important information. To ease users' tasks, thousands of free or paid apps are available in app store. However, recent studies reveal startling facts about various attacks and data harvesting incidents through these apps, where personal data is put at risk. Through this paper, we propose a permission induced risk model-iOS Application analyzer and Behavior Classifier (iABC), for iOS devices to detect privacy violations arising due to granting permissions during installation of applications. It is a two-layer process comprising of static and dynamic analysis. It uses reverse engineering to extract permission variables from applications and computes a risk score for each application using ranking algorithms. The approach considers application's category as a key feature for detecting malicious applications while computing static risk score. Different machine learning classifiers were employed to evaluate 1,150 applications. The empirical results show that our proposed model gives detection rate of 97.04%. Furthermore, to assess privacy breaches by applications at run time, dynamic analysis on 50 applications has been performed to obtain dynamic risk scores of installed apps. (c) 2018 Elsevier Ltd. All rights reserved.