ASAP 2.0: Autonomous & proactive detection of malicious applications for privacy quantification in 6G network services

Abstract

While 6G networks, reliant on software, promise significant advancements, the proliferation of diverse applications deployed closer to users poses considerable privacy challenges. To counter this, privacy-first software development, as advocated by DevPrivOps, becomes essential. While Privacy-Enhancing Technologies (PETs) are frequently used, their limitations are well-documented. DevPrivOps strives to reinforce software privacy through prioritization, compliance, transparency, optimization, and informed decision-making. A promising alternative to PETs involves quantifying privacy to guide development and pinpoint potential threats, thus enhancing application privacy before deployment on OpenSlice network services. Privacy-centric malicious application detection, amongst other features, is a key component of this privacy quantification framework, serving to inform users of potential harm from such applications. In this study, we focus on privacy-centric malicious application detection. ASAP 2.0, an autonomous system, identifies these threats by scrutinizing requested application permissions. Building on its antecedent, ASAP 2.0 employs a tuned autoencoder trained via unsupervised learning. By analyzing reconstruction errors, it differentiates between potentially harmful and benign applications. A dynamically adjusted threshold assists in the decision-making process. Our model, validated on three public datasets, achieved an average Matthews Correlation Coefficient (MCC) of 0.976, outperforming baseline models such as Logistic Regression and Decision Trees.