Automated Spyware Detection Using End User License Agreements

Boldt, Martin; Jacobsson, Andreas; Lavesson, Niklas; Davidsson, Paul

doi:10.1109/isa.2008.91

Cited by 9 publications

(4 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We now present a study investigating how data mining can be applied to prevent spyware [2]. The occurrence of spyware in applications available over the Internet has become very common.…”

Section: A New Generic MC Methodmentioning

confidence: 99%

Generic Methods for Multi-criteria Evaluation

Lavesson

Davidsson

2008

Proceedings of the 2008 SIAM International Conference on Data Mining

Self Cite

View full text Add to dashboard Cite

“…We now present a study investigating how data mining can be applied to prevent spyware [2]. The occurrence of spyware in applications available over the Internet has become very common.…”

Section: A New Generic MC Methodmentioning

confidence: 99%

Generic Methods for Multi-criteria Evaluation

Lavesson

Davidsson

2008

Proceedings of the 2008 SIAM International Conference on Data Mining

Self Cite

View full text Add to dashboard Cite

“…It have been shown that it is possible to use machine learning techniques to address the problem of EULA classification [12] [2]. Stateof-the-art within commercial tools involve one stand-alone application called EULAlyzer 2 and one website 3 called EULA Analyzer that includes the ability to analyze a EULA.…”

Section: Related Workmentioning

confidence: 99%

“…A comparison is made between EULA Analyzer and 15 machine learning algorithms [2], with the conclusion was that both the Support Vector Machines [6] and Naive Bayes Multinominal [10] algorithms performed significantly better than the state-of-the-art tool. Finally, it could also be added that the performance of these two algorithms have later been improved even more when utilized on an extended data set of EULAs [12].…”

Section: Related Workmentioning

confidence: 99%

Informed software installation through License Agreement Categorization

Borg

Boldt

Lavesson

2011

2011 Information Security for South Africa

Self Cite

View full text Add to dashboard Cite

Abstract-Spyware detection can be achieved by using machine learning techniques that identify patterns in the End User License Agreements (EULAs) presented by application installers. However, solutions have required manual input from the user with varying degrees of accuracy. We have implemented an automatic prototype for extraction and classification and used it to generate a large data set of EULAs. This data set is used to compare four different machine learning algorithms when classifying EULAs. Furthermore, the effect of feature selection is investigated and for the top two algorithms, we investigate optimizing the performance using parameter tuning.

show abstract

“…A more recent study investigates the performance of random forests for the same type of problem, claiming that this algorithm outperforms some of the earlier mentioned algorithms on several problems [7]. We have previously outlined a large number of related studies, which have been conducted within the security research field [1].…”

Section: Related Workmentioning

confidence: 99%

Spyware Prevention by Classifying End User License Agreements

Lavesson

Davidsson

Boldt

et al.

New Challenges in Applied Intelligence Technologies

Self Cite

View full text Add to dashboard Cite

Abstract. We investigate the hypothesis that it is possible to detect from the End User License Agreement (EULA) if the associated software hosts spyware. We apply 15 learning algorithms on a data set consisting of 100 applications with classified EULAs. The results show that 13 algorithms are significantly more accurate than random guessing. Thus, we conclude that the hypothesis can be accepted. Based on the results, we present a novel tool that can be used to prevent spyware by automatically halting application installers and classifying the EULA, giving users the opportunity to make an informed choice about whether to continue with the installation. We discuss positive and negative aspects of this prevention approach and suggest a method for evaluating candidate algorithms for a future implementation.

show abstract

Automated Spyware Detection Using End User License Agreements

Cited by 9 publications

References 10 publications

Generic Methods for Multi-criteria Evaluation

Generic Methods for Multi-criteria Evaluation

Informed software installation through License Agreement Categorization

Spyware Prevention by Classifying End User License Agreements

Contact Info

Product

Resources

About