结合应用接口可达性特征的Android恶意软件检测
DOI:
CSTR:
作者:
作者单位:

1.常州大学 计算机与人工智能学院,江苏常州 213000; 2.常州大学 微电子与控制工程学院,江苏常州 213000

作者简介:

通讯作者:

中图分类号:

TP311.5

基金项目:


Android malware detection based on accessibility features of application interface
Author:
Affiliation:

1. School of Computer Science and Artificial Intelligence, Changzhou University, Changzhou 21300, China; 2. School of Microelectronics and Control Engineering, Changzhou University, Changzhou 21300, China

Fund Project:

  • 摘要
  • |
  • 图/表
  • |
  • 访问统计
  • |
  • 参考文献
  • |
  • 相似文献
  • |
  • 引证文献
  • |
  • 资源附件
  • |
  • 文章评论
    摘要:

    针对Android恶意软件检测,现有的研究多数提出了多种类特征结合机器学习来提高恶意程序检测中检测率,却少有考虑程序内应用接口调用之间的关联和程序调用图中的边信息。本文设计了基于应用接口可达性特征的Android恶意软件检测的方法,该方法基于恶意行为提取了应用接口的可达性特征,有效地使特征集包含边信息。在VirusShare所收集的2018年的恶意程序集中的1151个恶意程序与来自Google Player的1021个良性程序上进行了实验,结果为采用随机森林方法得到的模型相比其他四种方法更有效实现恶意程序的检测,并且模型整体的准确率达到了98.90%。结果表明应用接口可达性特征使得模型的召回率和精度均有所提高,并且相比实验中的其他特征更为重要。

    Abstract:

    For Android malware detection, Most of research proposed multi-type features combined with machine learning to improve the detection rate of malware detection, but rarely considered association between application interface and edge information in call graph. This paper designs a method of Android malware detection based on accessibility feature of application interface. This method extracts accessibility features of application interface based on malicious behaviors, effectively makes feature set contain edge information. Experiments were conducted on 1151 malware collected by VirusShare in 2018 and 1021 benign programs from Google player. Experiments show that random forest is more effective than other four methods in malware detection, and accuracy of model reaches 98.90%. Results show that accessibility features improved recall rate and precision of the model , and is more important than other features in the experiment.

    参考文献
    相似文献
    引证文献
引用本文

金泽宇,朱正伟.结合应用接口可达性特征的Android恶意软件检测[J].电子测量技术,2021,44(9):48-55

复制
分享
文章指标
  • 点击次数:
  • 下载次数:
  • HTML阅读次数:
  • 引用次数:
历史
  • 收稿日期:
  • 最后修改日期:
  • 录用日期:
  • 在线发布日期: 2024-09-29
  • 出版日期:
文章二维码
×
《电子测量技术》
财务封账不开票通知