
Research on Android Malware Detection Methods (cited by: 13)

Research of Malware Detection Approach for Android
Abstract: In response to the proliferation of Android malware, this paper proposes a behavior-based method for dynamic malware detection. First, dynamic run-time information about the software is collected comprehensively, including system information while the software runs and the software's kernel call information, and the kernel call sequences are truncated into fixed-length short sequences. Second, all of this information is unified into attribute and attribute-value form. Using information gain as the indicator, the C4.5 algorithm is applied to select attributes that have high information gain and non-overlapping effects, and each attribute is assigned a weighting factor proportional to its information gain. Finally, the K-Nearest Neighbor algorithm is used for machine learning, so that the system identifies malware similar to the samples and marks software of unknown type as suspected malware. Experimental results show that the method has a high true positive rate and a low false positive rate. The detection results can be improved further by enlarging the learning sample library.
Source: Computer Technology and Development (《计算机技术与发展》), 2014, No. 2, pp. 149-152 (4 pages)
Funding: 2012 Doctoral Program Fund of the Ministry of Education (20126102110036)
Keywords: Android security; malware; dynamic detection; machine learning