Using Machine Learning to Detect Vault (Anti-Forensic) Apps
Content hiding, or vault applications (apps), are designed with a secondary, often concealed purpose, such as encrypting and storing files. While these apps may serve legitimate functions, they unequivocally present significant challenges for law enforcement. Conventional methods for tackling this i...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2025-04-01
|
| Series: | Future Internet |
| Subjects: | |
| Online Access: | https://www.mdpi.com/1999-5903/17/5/186 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850126961558421504 |
|---|---|
| author | Michael N. Johnstone Wencheng Yang Mohiuddin Ahmed |
| author_facet | Michael N. Johnstone Wencheng Yang Mohiuddin Ahmed |
| author_sort | Michael N. Johnstone |
| collection | DOAJ |
| description | Content hiding, or vault applications (apps), are designed with a secondary, often concealed purpose, such as encrypting and storing files. While these apps may serve legitimate functions, they unequivocally present significant challenges for law enforcement. Conventional methods for tackling this issue, whether static or dynamic, prove inadequate when devices—typically smartphones—cannot be modified. Additionally, these methods frequently require prior knowledge of which apps are classified as vault apps. This research decisively demonstrates that a non-invasive method of app analysis, combined with machine learning, can effectively identify vault apps. Our findings reveal that it is entirely possible to detect an Android vault app with 98% accuracy using a random forest classifier. This clearly indicates that our approach can be instrumental for law enforcement in their efforts to address this critical issue. |
| format | Article |
| id | doaj-art-171e77a0cc274b02bc1b1d044d1531c4 |
| institution | OA Journals |
| issn | 1999-5903 |
| language | English |
| publishDate | 2025-04-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Future Internet |
| spelling | doaj-art-171e77a0cc274b02bc1b1d044d1531c42025-08-20T02:33:48ZengMDPI AGFuture Internet1999-59032025-04-0117518610.3390/fi17050186Using Machine Learning to Detect Vault (Anti-Forensic) AppsMichael N. Johnstone0Wencheng Yang1Mohiuddin Ahmed2School of Science, Edith Cowan University, Perth, WA 6027, AustraliaSchool of Mathematics, Physics and Computing, University of Southern Queensland, Toowoomba, QLD 4350, AustraliaSchool of Science, Edith Cowan University, Perth, WA 6027, AustraliaContent hiding, or vault applications (apps), are designed with a secondary, often concealed purpose, such as encrypting and storing files. While these apps may serve legitimate functions, they unequivocally present significant challenges for law enforcement. Conventional methods for tackling this issue, whether static or dynamic, prove inadequate when devices—typically smartphones—cannot be modified. Additionally, these methods frequently require prior knowledge of which apps are classified as vault apps. This research decisively demonstrates that a non-invasive method of app analysis, combined with machine learning, can effectively identify vault apps. Our findings reveal that it is entirely possible to detect an Android vault app with 98% accuracy using a random forest classifier. This clearly indicates that our approach can be instrumental for law enforcement in their efforts to address this critical issue.https://www.mdpi.com/1999-5903/17/5/186software developmentvault appscontent hidingmalware detectionmachine learningAndroid |
| spellingShingle | Michael N. Johnstone Wencheng Yang Mohiuddin Ahmed Using Machine Learning to Detect Vault (Anti-Forensic) Apps Future Internet software development vault apps content hiding malware detection machine learning Android |
| title | Using Machine Learning to Detect Vault (Anti-Forensic) Apps |
| title_full | Using Machine Learning to Detect Vault (Anti-Forensic) Apps |
| title_fullStr | Using Machine Learning to Detect Vault (Anti-Forensic) Apps |
| title_full_unstemmed | Using Machine Learning to Detect Vault (Anti-Forensic) Apps |
| title_short | Using Machine Learning to Detect Vault (Anti-Forensic) Apps |
| title_sort | using machine learning to detect vault anti forensic apps |
| topic | software development vault apps content hiding malware detection machine learning Android |
| url | https://www.mdpi.com/1999-5903/17/5/186 |
| work_keys_str_mv | AT michaelnjohnstone usingmachinelearningtodetectvaultantiforensicapps AT wenchengyang usingmachinelearningtodetectvaultantiforensicapps AT mohiuddinahmed usingmachinelearningtodetectvaultantiforensicapps |