ISOLATION FOREST PARAMETER TUNING FOR MOBILE APP ANOMALY DETECTION BASED ON PERMISSION REQUESTS

Valencia Claudia Jennifer  Kaunang; Nur Alamsyah; Reni  Nursyanti; Budiman Budiman; Venia R  Danestiara; Elia  Setiana

doi:10.33480/pilar.v21i2.6647

Authors

Valencia Claudia Jennifer Kaunang Universitas Informatika Dan Bisnis Indonesia
Nur Alamsyah Universitas Informatika Dan Bisnis Indonesia
Reni Nursyanti Universitas Informatika Dan Bisnis Indonesia
Budiman Budiman Universitas Informatika Dan Bisnis Indonesia
Venia R Danestiara Universitas Informatika Dan Bisnis Indonesia
Elia Setiana Universitas Informatika Dan Bisnis Indonesia

DOI:

https://doi.org/10.33480/pilar.v21i2.6647

Keywords:

anomaly detection, isolation forest, parameter tuning, permission requests

Abstract

Ensuring mobile app security needs the capability to detect apps that request excessive or inappropriate permissions. This research proposes an anomaly detection approach using Isolation Forest, enhanced through hyperparameter tuning, to identify suspect apps based on permission request patterns. The dataset is processed into binary features, followed by exploratory data analysis (EDA) to examine the distribution and highlight sensitive permissions. The Isolation Forest model is then optimized by tuning parameters such as contamination level, number of estimators, and sample size. The fine-tuned model achieved a more accurate separation between normal and anomaly applications, detecting 10 anomalies out of 200 applications, with anomaly applications averaging 125.10 permits compared to 42.76 in normal applications. These anomalies often requested permissions related to network, storage, contacts and microphone, indicating potential privacy risks. The results show that parameter tuning improves the detection performance of Isolation Forest, providing a practical solution for mobile security monitoring. After tuning, the number of false positives decreased by 50%, and the model successfully reduced detected anomalies from 20 to 10, increasing the precision of anomaly detection from 70% to 90%. Future work could include improving feature selection and integration into real-time detection systems.

Downloads

Download data is not yet available.

References

Al Hwaitat, A. K., Fakhouri, H. N., Alawida, M., Atoum, M. S., Abu-Salih, B., Salah, I. K., Al-Sharaeh, S., & Alassaf, N. (2024). Overview of Mobile Attack Detection and Prevention Techniques Using Machine Learning. International Journal of Interactive Mobile Technologies, 18(10). https://doi.org/10.3991/ijim.v18i10.46485

Alamsyah, N., Budiman, B., Yoga, T. P., & Alamsyah, R. Y. R. (2024). XGBOOST HYPERPARAMETER OPTIMIZATION USING RANDOMIZEDSEARCHCV FOR ACCURATE FOREST FIRE DROUGHT CONDITION PREDICTION. Jurnal Pilar Nusa Mandiri, 20(2), 103–110. https://doi.org/10.33480/pilar.v20i2.5569

Alamsyah, N., Saparudin, & Prima Kurniati, A. (2024). Event Detection Optimization Through Stacking Ensemble and BERT Fine-tuning For Dynamic Pricing of Airline Tickets. IEEE Access , 12, 145254–145269. https://doi.org/

Alamsyah, N., Yoga, T. P., & Budiman, B. (2024). IMPROVING TRAFFIC DENSITY PREDICTION USING LSTM WITH PARAMETRIC ReLU (PReLU) ACTIVATION. JITK (Jurnal Ilmu Pengetahuan Dan Teknologi Komputer), 9(2), 154–160. https://doi.org/10.33480/jitk.v9i2.5046

Alzaabi, F. R., & Mehmood, A. (2024). A review of recent advances, challenges, and opportunities in malicious insider threat detection using machine learning methods. IEEE Access, 12, 30907–30927. https://doi.org/10.1109/ACCESS.2024.3369906

Gao, J., Ozbay, K., & Hu, Y. (2024). Real-time anomaly detection of short-term traffic disruptions in urban areas through adaptive isolation forest. Journal of Intelligent Transportation Systems, 29(3), 269–286. https://doi.org/10.1080/15472450.2024.2312809

Kareem, M. S., & Muhammed, L. A. (2024). Anomaly detection in streaming data using isolation forest. 2024 Seventh International Women in Data Science Conference at Prince Sultan University (WiDS PSU), 223–228. https://doi.org/10.1109/WiDS-PSU61003.2024.00052

Kumari, S., Prabha, C., Karim, A., Hassan, M. M., & Azam, S. (2024). A Comprehensive Investigation of Anomaly Detection Methods in Deep Learning and Machine Learning: 2019–2023. IET Information Security, 2024(1), 8821891. https://doi.org/10.1049/2024/8821891

Li, C., Qi, L., & Geng, X. (2025). A sam-guided two-stream lightweight model for anomaly detection. ACM Transactions on Multimedia Computing, Communications and Applications, 21(2), 1–23. https://doi.org/10.1145/3706574

Maghfira, Z. W., Sutriadi, R., & Perdana, A. B. (2025). Assessing Urban functional area delineation: POI data and kde analysis in pekanbaru. Computational Urban Science, 5(1), 33. https://doi.org/10.1007/s43762-025-00194-w

Mahmood, N. H., Hussein, D. H., Askar, S., & Ibrahim, M. A. (2025). Machine Learning for Network Anomaly Detection A Review. The Indonesian Journal of Computer Science, 14(1). https://doi.org/10.33022/ijcs.v14i1.4703

Mandal, A., & Chatterjee, P. S. (2025). Intrusion Detection System To Counter Sybil Attacks In Underwater Wireless Sensor Networks Using Isolation Forest. 2025 International Conference on Emerging Systems and Intelligent Computing (ESIC), 146–151. https://doi.org/10.1109/ESIC64052.2025.10962762

Nawshin, F., Gad, R., Unal, D., Al-Ali, A. K., & Suganthan, P. N. (2024). Malware detection for mobile computing using secure and privacy-preserving machine learning approaches: A comprehensive survey. Computers and Electrical Engineering, 117, 109233. https://doi.org/10.1016/j.compeleceng.2024.109233

Nazir, A., Iqbal, Z., & Muhammad, Z. (2025). ZTA: a novel zero trust framework for detection and prevention of malicious android applications. Wireless Networks, 31(4), 3187–3203. https://doi.org/10.1007/s11276-025-03935-1

Putrada, A. G., Alamsyah, N., Oktaviani, I. D., & Fauzan, M. N. (2023). A hybrid genetic algorithm-random forest regression method for optimum driver selection in online food delivery. Jurnal Ilmiah Teknik Elektro Komputer Dan Informatika (JITEKI), 9(4), 1060–1079. https://doi.org/10.26555/jiteki.v9i4.27014

Putrada, A. G., Oktaviani, I. D., Fauzan, M. N., & Alamsyah, N. (2024). CNN-LSTM for MFCC-based Speech Recognition on Smart Mirrors for Edge Computing Command. Journal of Dinda: Data Science, Information Technology, and Data Analytics, 4(2), 63–74. https://doi.org/10.20895/dinda.v4i2.1504

Rajendran, R. K., & A., J. S. (2025). Data Privacy and Security Risks in Third-Party App Integrations. In Analyzing Privacy and Security Difficulties in Social Media: New Challenges and Solutions (pp. 311–334). IGI Global Scientific Publishing.

Tabassum, M., Mahmood, S., Bukhari, A., Alshemaimri, B., Daud, A., & Khalique, F. (2024). Anomaly-based threat detection in smart health using machine learning. BMC Medical Informatics and Decision Making, 24(1), 347. https://doi.org/10.1186/s12911-024-02760-4

Westergaard, G., Erden, U., Mateo, O. A., Lampo, S. M., Akinci, T. C., & Topsakal, O. (2024). Time series forecasting utilizing automated machine learning (AutoML): A comparative analysis study on diverse datasets. Information, 15(1), 39. https://doi.org/10.3390/info15010039

Yunmar, R. A., Kusumawardani, S. S., Widyawan, & Mohsen, F. (2024). Hybrid Android Malware Detection: A Review of Heuristic-Based Approach. IEEE Access, 12, 41255–41286. https://doi.org/10.1109/access.2024.3377658.