AI BASED AUTOMATED ANOMALY DETECTION FRAMEWORK FOR MOBILE APPS

Abstract

When it comes to mobile applications, security threats are rising day by day which requires to adopt the advanced detection mechanisms beyond traditional methods. Existing methods significantly depend on heuristic and signature-based models, which have limitations in detecting operational anomalies and unknown threats. This research reveals an AI/ML-driven method that helps in real-time anomaly detection in mobile applications. The suggested system examines API calls to detect deviations from normal behavior. This aids in early finding of security threats, performance issues, and misconfigurations. Unlike traditional methods that depend on periodic scans and predefined rules, this method enhances its capabilities to address growing threats utilizing AI-based models. Analyzing API-level interactions improves detection granularity, which aids in a more effective response to anomalies. The goal of this system is to increase reliability and security in mobile apps by reducing the use of manual approaches and instead depending on a much broader approach, including dynamic ones by introducing a technique where a framework on a backend level takes care of avoiding multiple API calls within the mobile app. This takes away the need for republishing mobile apps and avoids the entire process of internally/ externally testing the app all over again when there is not even a business need for it. Our framework incorporates the following ML approaches i.e. Isolation Forest, Local Outlier Factor, Histogram Based Outlier Score, Autoencoders and One Class Support Vector Machine which we further discuss later in this research. We make the comparisons in terms of finding out the performance and accuracy rate of our overall system using the evaluation metrics such as Accuracy, F1-Score, Precision and Recall. The results are later extracted and concluded to encourage especially the mobile app developers to consider incorporating such frameworks to evolve their systems for the purpose of resolving at least API level issues dynamically without having to make manual interventions on the front-end layer of code and then follow the republishing process all over again.