Method and apparatus for identifying malicious apk files

A file and malicious technology, applied in the direction of platform integrity maintenance, etc., can solve the problems of missing malicious programs, inability to prevent, and low identification efficiency, and achieve the effects of avoiding manslaughter and missed killing, ensuring safety, and high accuracy
CN103473506BActive Publication Date: 2016-12-28BEIJING QIHOO TECH CO LTD
3 Cites 0 Cited by

Patent Information

Authority / Receiving Office
CN Β· China
Patent Type
Patents(China)
Current Assignee / Owner
BEIJING QIHOO TECH CO LTD
Publication Date
2016-12-28

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The invention discloses a method and device for identifying malicious APK files. The method for identifying malicious APK files includes the following steps: selecting a predetermined number of APK file samples; analyzing executable files in the APK file samples and extracting feature strings in the parsed text; using feature strings to construct a list of malicious program feature codes and non- Malicious program feature code list; the feature string corresponding to the APK file sample is compared with the malicious program feature code list and the non-malicious program feature code list to obtain the character string feature vector of the APK file sample, and according to the character string feature vector and The permission of the APK file sample to the system generates the identification feature vector of the APK file; the identification feature vector of multiple APK file samples is trained to generate a classification model for identifying malicious APK files; the classification model is used to identify unknown types of APK files. APK files are identified. Using the technical scheme of the invention, the recognition accuracy is high, and unknown viruses can be predicted.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The invention relates to the field of Internet computer security protection, in particular to a method and device for identifying malicious APK files. Background technique

[0002] APK is the abbreviation of Android application package file, that is, the Android installation package, which can be understood as the application software installed on the Android terminal. With the popularity and development of Android terminals, a variety of APKs have emerged. For example, some APKs harm users through malicious behaviors such as customizing paid services by SMS, making paid calls, and backing up sensitive data in the user's mobile phone to a specific server. rights and interests. This type of malicious APK sneaks into the user's terminal without the user's knowledge and authorization, bringing hidden dangers to the user's information security and property security.

[0003] The methods for identifying malicious APKs in the prior art mainly rely on manua...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More