Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and device of recognizing malicious APK files

A file and malicious technology, applied in the direction of platform integrity maintenance, etc., can solve the problems of missing malicious programs, inability to prevent, and low identification efficiency, and achieve the effects of avoiding manslaughter and missed killing, ensuring safety, and efficient protection

Active Publication Date: 2013-12-25
BEIJING QIHOO TECH CO LTD
View PDF3 Cites 62 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The former identification method requires analysts to manually analyze the existing APK program samples to find out the corresponding characteristics, which heavily depends on the ability of virus analysts, so a large number of experienced personnel are required to meet the needs of solving problems, and due to technical Complicated, the efficiency of recognition is relatively low
Moreover, the use of manual summary feature codes can generally only deal with known malicious APKs, and cannot prevent possible problems, so it has a certain lag; the latter identification method is based on simple features or rules or digital signatures. It is easy to be bypassed by virus creators, causing the problem of missing malicious programs

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device of recognizing malicious APK files
  • Method and device of recognizing malicious APK files
  • Method and device of recognizing malicious APK files

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] The algorithms and displays presented herein are not inherently related to any particular computer, virtual system, or other device. Various generic systems can also be used with the teachings based on this. The structure required to construct such a system is apparent from the above description. Furthermore, the present invention is not specific to any particular programming language. It should be understood that various programming languages ​​can be used to implement the contents of the present invention described herein, and the above description of specific languages ​​is for disclosing the best mode of the present invention.

[0026] The method and apparatus for identifying malicious APK files introduced in this embodiment are aimed at APK files that maliciously damage the user's rights and interests without the user's knowledge. Wherein, APK is the abbreviation of Android application package file, which can be understood as the application software installed on...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and a device of recognizing malicious APK files. The method includes the steps of selecting a predetermined amount of APK file samples; analyzing executable files in the APK file samples and extracting feature strings in the analyzed files; establishing a list of malware feature codes and a list of non-malware feature codes through the feature strings; comparing the feature strings of the APK file samples to the list of malware feature codes and the list of non-malware feature codes so as to obtain string feature vectors of the APK file samples, generating recognition feature vectors of the APK files for permissions applied by a system according to the string feature vectors and the APK file samples; training the recognition feature vectors of the APK file samples, and generating a classification model for recognizing malicious APK files; recognizing the APK files of unknown types by the classification models. The method and device has the advantages that recognition accuracy is high and unknown viruses can be predicted.

Description

technical field [0001] The invention relates to the field of Internet computer security protection, in particular to a method and device for identifying malicious APK files. Background technique [0002] APK is the abbreviation of Android application package file, that is, the Android installation package, which can be understood as the application software installed on the Android terminal. With the popularity and development of Android terminals, a variety of APKs have emerged. For example, some APKs harm users through malicious behaviors such as customizing paid services by SMS, making paid calls, and backing up sensitive data in the user's mobile phone to a specific server. rights and interests. This type of malicious APK sneaks into the user's terminal without the user's knowledge and authorization, bringing hidden dangers to the user's information security and property security. [0003] The methods for identifying malicious APKs in the prior art mainly rely on manua...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/56
Inventor 杨康陈卓
Owner BEIJING QIHOO TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products