Automated Spyware Detection Using End User License Agreements

Author

Boldt, Martin ; Jacobsson, Andreas ; Lavesson, Niklas ; Davidsson, Paul

Author_Institution

Dept. of Syst. & Software Eng., Blekinge Inst. of Technol., Ronneby

fYear

2008

fDate

24-26 April 2008

Firstpage

445

Lastpage

452

Abstract

The amount of spyware increases rapidly over the Internet and it is usually hard for the average user to know if a software application hosts spyware. This paper investigates the hypothesis that it is possible to detect from the end user license agreement (EULA) whether its associated software hosts spyware or not. We generated a data set by collecting 100 applications with EULAs and classifying each EULA as either good or bad. An experiment was conducted, in which 15 popular default-configured mining algorithms were applied on the EULA data set. The results show that 13 algorithms are significantly better than random guessing, thus we conclude that the hypothesis can be accepted. Moreover, 2 algorithms also perform significantly better than the current state-of-the-art EULA analysis method. Based on these results, we present a novel tool that can be used to prevent the installation of spyware.

Keywords

Internet; data mining; security of data; End User License Agreement; Internet; automated spyware detection; default-configured mining algorithm; Application software; Data mining; Information security; Internet; Jacobian matrices; Law; Legal factors; Licenses; Protection; Software engineering; Data mining; Machine learning; Spyware;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Security and Assurance, 2008. ISA 2008. International Conference on

Conference_Location

Busan

Print_ISBN

978-0-7695-3126-7

Type

conf

DOI

10.1109/ISA.2008.91

Filename

4511608