Detecting Code Injection Attacks on Hybrid Apps with Machine Learning

Mobile devices become more and more popular. While code injection attacks can happen in hybrid applications on mobile systems and cause great damage. Thus, it is urgent to detect these attacks. However, the time complexity of the existing detection method is very high. In this paper, we propose a novel detection model based on machine learning. The frequently-used functions in PhoneGap, JavaScript and jQuery are regarded as new features in our model. We use information gain and Chi-square test to select key features from these functions. Then five distinct feature vectors are constructed by using different feature generation methods. Finally, based on these vectors, we employ six kinds of machine learning classifiers, such as genetic algorithms and online learning algorithms, to detect code injection vulnerabilities in hybrid applications. Extensive experiments demonstrate that the extended features can describe the application behavior better and our feature selection methods have good performance. In contrast to the other method, our method reduces the time complexity and reaches higher precision.