18th-March-2021

• Triple security framework consists of the following:

• (A) Static Analysis

• (B) Dynamic Analysis

• (C) Semantic Analysis

• (A) and (B) analyses can provide a quite significant collect data measure against noise. Behavior analysis by semantic that can be a very good addition from the highest accuracy data by Ontology index values.

• Static Analysis

• By static analysis we mean the collected data analysis without actually running the App service program. Static analysis include analysis of flaws in code like:

1. Buffer Overflow

2. SQL Injection

3. Hardcoded Credentials

4. Activity Injection

5. Memory Leaks

6. Null Dereference etc.

• Dynamic Analysis

• By dynamic analysis we mean the analysis that can be performed when an application is actually running. It is achieved by running the app in a sandbox environment and analyzing things like these:

1. Logs for Sensitive Values

2. Network Related Requests

3. Crypto Mining

4. File Operations

5. Permissions etc.

   1. Semantic Analysis

6. Semantic Analysis is responsible for analyzing the behavior of the app.

7. If the behavior is valid the app can be run otherwise it will not be allowed execution rights.

8. This analysis does not depend on attack signatures therefore it can provide protection from zero day attacks.

9. It is required to run each analysis at-least 24 hours so that maximum vulnerabilities are discovered.

Final Decision Making

θj is bias factor of judgment condition by 24 hours period.