Method and apparatus for identifying malicious APK files

A malicious-file identification technology, applied in the field of platform integrity maintenance, that addresses the problems of missed malicious programs, inability to prevent, and low identification efficiency, and achieves the effects of avoiding false kills and missed kills (false positives and false negatives), ensuring safety, and high accuracy.

Active Publication Date: 2016-12-28
BEIJING QIHOO TECH CO LTD

AI Technical Summary

Problems solved by technology

The former identification method requires analysts to manually analyze existing APK program samples to find the corresponding characteristics. It depends heavily on the ability of virus analysts, so a large number of experienced personnel are needed, and because the technique is complex, recognition efficiency is relatively low.
Moreover, manually summarized feature codes can generally only deal with known malicious APKs and cannot prevent possible problems, so the method has a certain lag. The latter identification method is based on simple features, rules, or digital signatures, so it is easily bypassed by virus creators, which causes malicious programs to be missed.

Examples

Embodiment Construction

[0025] The algorithms and displays presented herein are not inherently related to any particular computer, virtual system, or other device. Various general-purpose systems can also be used with the teachings herein. The structure required to construct such a system is apparent from the above description. Furthermore, the present invention is not specific to any particular programming language. It should be understood that various programming languages can be used to implement the content of the present invention described herein, and that the above description of specific languages is given to disclose the best mode of the present invention.

[0026] The method and apparatus for identifying malicious APK files introduced in this embodiment are aimed at APK files that maliciously damage the user's rights and interests without the user's knowledge. Here, APK is the abbreviation of Android application package file, which can be understood as the...

Abstract

The invention discloses a method and device for identifying malicious APK files. The method includes the following steps: selecting a predetermined number of APK file samples; parsing the executable files in the APK file samples and extracting feature strings from the parsed text; using the feature strings to construct a malicious program feature code list and a non-malicious program feature code list; comparing the feature strings of each APK file sample with the malicious and non-malicious program feature code lists to obtain the string feature vector of that sample, and generating the identification feature vector of the APK file from the string feature vector and the system permissions of the APK file sample; training on the identification feature vectors of multiple APK file samples to generate a classification model for identifying malicious APK files; and using the classification model to identify APK files of unknown type. With the technical scheme of the invention, the recognition accuracy is high, and unknown viruses can be predicted.
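The steps of the abstract can be followed end to end in a small sketch. This is an added example, not code from the patent: the samples are constructed, the strings are assumed to be already extracted from the parsed executable, and the list-selection rule (`min_count`) and the perceptron classifier are assumptions, since the page does not name a specific selection rule or model.

```python
# Added illustration of the abstract's pipeline. The samples, the list-selection
# rule and the perceptron are assumptions; the page names no specific classifier.
from collections import Counter

PERMISSIONS = ["SEND_SMS", "READ_CONTACTS", "INTERNET", "CAMERA"]

# Constructed samples: (strings already extracted from the parsed executable,
# requested permissions, label) with label 1 = malicious, 0 = non-malicious.
SAMPLES = [
    ({"sendTextMessage", "getDeviceId", "10660000"}, {"SEND_SMS", "INTERNET"}, 1),
    ({"setContentView", "getDeviceId", "loadImage"}, {"INTERNET"}, 0),
    ({"sendTextMessage", "getDeviceId", "uploadContacts"},
     {"SEND_SMS", "READ_CONTACTS", "INTERNET"}, 1),
    ({"setContentView", "loadImage", "takePicture"}, {"INTERNET", "CAMERA"}, 0),
]

def build_feature_lists(samples, min_count=2):
    """Keep strings seen in >= min_count samples of one class and never in the other."""
    mal, ben = Counter(), Counter()
    for strings, _perms, label in samples:
        (mal if label else ben).update(strings)
    mal_list = sorted(s for s, c in mal.items() if c >= min_count and s not in ben)
    ben_list = sorted(s for s, c in ben.items() if c >= min_count and s not in mal)
    return mal_list, ben_list

def feature_vector(strings, perms, mal_list, ben_list):
    """String feature vector (hits on both lists) followed by permission bits."""
    return ([int(s in strings) for s in mal_list + ben_list]
            + [int(p in perms) for p in PERMISSIONS])

def score(w, b, x):
    return sum(wi * xi for wi, xi in zip(w, x)) + b

def train(samples, epochs=20):
    mal_list, ben_list = build_feature_lists(samples)
    data = [(feature_vector(s, p, mal_list, ben_list), y) for s, p, y in samples]
    w, b = [0] * len(data[0][0]), 0
    for _ in range(epochs):
        for x, y in data:
            err = y - int(score(w, b, x) > 0)  # non-zero only on a misclassification
            w = [wi + err * xi for wi, xi in zip(w, x)]
            b += err
    return mal_list, ben_list, w, b

def is_malicious(strings, perms, model):
    mal_list, ben_list, w, b = model
    return score(w, b, feature_vector(strings, perms, mal_list, ben_list)) > 0

MODEL = train(SAMPLES)
```

Note that `getDeviceId` appears in both classes and so lands on neither list, which is why a string that looks suspicious in isolation contributes nothing to the vector here.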

Description

Technical field

[0001] The invention relates to the field of Internet computer security protection, in particular to a method and device for identifying malicious APK files.

Background technique

[0002] APK is the abbreviation of Android application package file, that is, the Android installation package, which can be understood as the application software installed on an Android terminal. With the popularity and development of Android terminals, a variety of APKs have emerged. Some APKs harm users' rights and interests through malicious behaviors such as subscribing to paid services by SMS, making paid calls, and backing up sensitive data from the user's mobile phone to a specific server. This type of malicious APK sneaks into the user's terminal without the user's knowledge and authorization, bringing hidden dangers to the user's information security and property security.

[0003] The methods for identifying malicious APKs in the prior art mainly rely on manua...

Application Information

Patent Type & Authority: Patents (China)
IPC: IPC(8): G06F21/56
Inventor: 杨康陈卓
Owner: BEIJING QIHOO TECH CO LTD