节点文献

基于组合式算法的Android恶意软件检测方法

Android malware detection method based on combined algorithm

  • 推荐 CAJ下载
  • PDF下载
  • 不支持迅雷等下载工具,请取消加速工具后下载。

【作者】 陈昊卿斯汉

【Author】 CHEN Hao;QING Sihan;School of Software and Microelectronics, Peking University;Institute of Software, Chinese Academy of Sciences;State Key Laboratory of Information Security, Institute of Information Engineering,Chinese Academy of Sciences;

【机构】 北京大学软件与微电子学院中国科学院软件研究所中国科学院信息工程研究所信息安全国家重点实验室

【摘要】 为解决当前恶意软件静态检测方法中适用面较窄、实用性较低的问题,通过组合式算法筛选出最优分类器,并以此为基础实现了一个检测系统。首先使用逆向工程技术提取软件的特征库,并通过多段筛选得到分类器的初步结果。提出了一种基于最小风险贝叶斯的分类器评价标准,并以此为核心,通过对初步结果赋权值的方式得到最优分类器结果。最后以最优结果为核心实现了一个Android恶意软件检测系统原型。实验结果表明,该检测系统的分析精度为86.4%,并且不依赖于恶意代码的特征。

【Abstract】 In order to solve the problems in applicability and usability of today ’s static malware detection method, a detection system was implemented by using the optimal classifier selected by a combined algorithm as the core.Firstly, the reverse engineering was used to extract the software feature, then the preliminary results of the classifier was got by multi-stage screening. A classifier evaluation was presented based on minimum risk Bayes. Using the new one as the core, the optimal classifier results was got by assignment. Finally, an Android malware detection system prototype was realized using the optimal results as the core. Experimental results show that the analysis accuracy of the proposed detection system was 86.4%, and does not depend on characteristics of the malicious code.

【基金】 国家自然科学基金资助项目(No.61170282)~~
  • 【文献出处】 电信科学 ,Telecommunications Science , 编辑部邮箱 ,2016年10期
  • 【分类号】TP316;TP309
  • 【被引频次】3
  • 【下载频次】113
节点文献中: 

本文链接的文献网络图示:

本文的引文网络