摘要
在当下恶意软件蔓延的背景下,恶意软件检测需求不断增加。提出一种基于改进的图注意机制模型的安卓恶意软件检测方法,通过静态分析提取API调用图,显示出应用程序的行为。通过使用SDNE图嵌入算法,从API调用图中进行结构特征和内容特征的学习。在模型学习的过程中,采用一种计算双向图注意力权重的策略,旨在提高对相似节点的保留,并增强节点属性之间的相似性。最后,借助自注意力卷积层生成权重自适应的表示,并在池化层中生成图嵌入表示,以用于检测任务。基于CICMalDroid 2020数据集显示,该方法在安卓恶意软件检测领域表现出较高的有效性,准确率达到97.90%。与原有的图注意力网络模型相比,准确率提升0.03%,验证了该方法的实用性和有效性。该研究成果显示出该方法在应对不断增长的恶意软件威胁方面具有潜力,可为安卓恶意软件检测提供更准确和可靠的解决方案。
In the context of the spread of malware,the demand for malware detection is increasing.This paper presents an Android malware detection method based on an improved graph attention mechanism model.The methodology in-volves extracting the API call graph through static analysis,which shows the behavior of the application.Subsequently,the structural features and content features are acquired from the API call graph by using the SDNE graph embedding al-gorithm.In the process of model learning,a strategy is adopted to calculate the bidirectional graph attention weights,ai-ming to improve the retention of similar nodes and enhance the similarity between node properties.Finally,a weight-a-daptive representation is generated with the help of the self-attention convolution layer,and a graph embedding represen-tation is generated in the pooling layer for use in the detection task.The experimental results are based on the CICMal-Droid 2020 data set,showing that this method shows high effectiveness in the field of Android malware detection,with an accuracy of 97.90%.Compared with the original graph attention network model,it improves the accuracy by 0.03%,verifying the practicability and effectiveness of the proposed method.The results show the potential to deal with growing malware threats and to provide a more accurate and reliable solution for Android malware detection.
作者
唐明婕
甘刚
TANG Mingjie;GAN Gang(College of Cybersecurity,Chengdu University of Information Technology,Chengdu 610225,China)
出处
《成都信息工程大学学报》
2025年第1期21-28,共8页
Journal of Chengdu University of Information Technology
基金
四川省科技计划资助项目(23ZDYF0380、2021ZYD0011)。
