A Comparative Study of Static Code Metrics and Behavioural Metrics for Predicting Risk Scores in Android Apps

dc.contributor.author Nafis, Fahim Arsad
dc.contributor.author Munia, Maysha Afrin
dc.contributor.author Saiara, Syeda Mishra
dc.date.accessioned 2023-03-15T06:34:17Z
dc.date.available 2023-03-15T06:34:17Z
dc.date.issued 2022-05-30
dc.identifier.citation
[1] Apr 8 et al. Raxis: Penetration testing, Red Teaming. url: https://raxis.com/.
[2] Mamdouh Alenezi and Iman Almomani. “Empirical Analysis of Static Code Metrics for Predicting Risk Scores in Android Applications”. In: Jan. 2018, pp. 84–94. isbn: 978-3-319-78752-7. doi: 10.1007/978-3-319-78753-4_8.
[3] Apktool. url: https://ibotpeaches.github.io/Apktool/.
[4] Deathmarine. Luyten: An open source java decompiler GUI for Procyon. url: https://github.com/deathmarine/Luyten.
[5] Ken Dunham et al. Android malware and analysis. CRC Press, 2014.
[6] Improve your code with Lint checks: Android developers. url: https://developer.android.com/studio/write/lint.
[7] Linkedin. Linkedin/qark: Tool to look for several security related Android application vulnerabilities. url: https://github.com/linkedin/qark.
[8] Maaaaz. Androwarn: Yet another static code analyzer for malicious Android Applications. url: https://github.com/maaaaz/androwarn.
[9] Claudio Moraga. “Introduction to Fuzzy Logic”. In: Facta universitatis - series: Electronics and Energetics 18 (Sept. 2005), pp. 319–328. doi: 10.2298/FUEE0502319M.
[10] Ya Pan et al. “A Systematic Literature Review of Android Malware Detection Using Static Analysis”. In: IEEE Access 8 (2020), pp. 116363–116379. doi: 10.1109/ACCESS.2020.3002842.
[11] pxb1988. dex2jar: Tools to work with Android .dex and java .class files. url: https://github.com/pxb1988/dex2jar.
[12] Akond Rahman et al. “Predicting Android Application Security and Privacy Risk with Static Code Metrics”. In: 2017 IEEE/ACM 4th International Conference on Mobile Software Engineering and Systems (MOBILESoft). 2017, pp. 149–153. doi: 10.1109/MOBILESoft.2017.14.
[13] Santoku Linux. url: https://santoku-linux.com/.
[14] SonarQube: Code quality and code security. url: https://www.sonarqube.org/.
[15] Karl Thurnhofer-Hemsi et al. “Radial basis function kernel optimization for Support Vector Machine classifiers”. In: CoRR abs/2007.08233 (2020). arXiv: 2007.08233. url: https://arxiv.org/abs/2007.08233 en_US
dc.identifier.uri http://hdl.handle.net/123456789/1767
dc.description Supervised by Mr. Ashraful Alam Khan, Assistant Professor. Co-Supervisors: Mr. S. M. Sabit Bananee, Lecturer; Mr. Imtiaj Ahmed Chowdhury, Lecturer. This thesis is submitted in partial fulfillment of the requirements for the degree of Bachelor of Science in Computer Science and Engineering, 2022. en_US
dc.description.abstract Identifying security flaws and distinguishing non-susceptible code from vulnerable code is a difficult undertaking. Security flaws are usually inert until they are exploited. Software metrics have been widely utilized to forecast and signal a variety of software quality features. We investigate static code metrics and behavioral code metrics, their correlation, and their association with security vulnerabilities in Android applications. The aim of the study is to understand: (i) the comparison between static software metrics and behavioral code metrics; (ii) the ability of these metrics to predict security vulnerabilities; and (iii) which static code metrics and behavioral code metrics are strongly correlated. From our study, we have found that even though static code metrics require higher computational power, they provide better results in predicting the risky behavior of Android applications, and Random Forest Regression provides more stable results with a better R2 score for the dataset we created for this thesis. en_US
dc.language.iso en en_US
dc.publisher Department of Computer Science and Engineering (CSE), Islamic University of Technology (IUT), Board Bazar, Gazipur, Bangladesh en_US
dc.subject static code metrics, behavioral metrics, risk score en_US
dc.title A Comparative Study of Static Code Metrics and Behavioural Metrics for Predicting Risk Scores in Android Apps en_US
dc.type Thesis en_US

