Proxy server having mobile terminal malicious software behavior detection capability and method

A technology of proxy server and mobile terminal, which is applied in the field of working mechanism of new proxy server, and can solve problems such as inability to check installation files of mobile applications

Active Publication Date: 2015-12-23
UNIV OF JINAN
View PDF5 Cites 27 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The traditional proxy server has provided the security function of preventing attacks and acting as a firewall, but when the user uses a mobile terminal to connect to the network through the proxy server, or downloads an application from the network and installs it on the mobile terminal, the traditional proxy server cannot App install files to do any checks

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Proxy server having mobile terminal malicious software behavior detection capability and method
  • Proxy server having mobile terminal malicious software behavior detection capability and method
  • Proxy server having mobile terminal malicious software behavior detection capability and method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0191] Embodiment, set up the SVM model of machine learning supervised learning algorithm, concrete steps are:

[0192] 5-1) On the basis of the new unknown malware samples found, add category labels to form a new feature set;

[0193] 5-2) In the new feature set, select part of the data as the training set, and another part of the data as the test set;

[0194] 5-3) encoding the parameters of the SVM model;

[0195] 5-4) Initialization work, complete the preprocessing of data and the initialization of model parameters;

[0196] 5-5) training the SVM model on the network traffic feature set extracted from the training set;

[0197] 5-6) Use the test set to evaluate the classification effect of the model;

[0198] 5-7) Evaluate whether the classification effect meets the end condition;

[0199] 5-8) If the end condition has been reached, each parameter of the SVM model is obtained;

[0200] 5-9) Obtain the SVM model by the obtained parameters;

[0201] 5-10) If the end co...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a proxy server having a mobile terminal malicious software behavior detection capability and a method. The proxy server comprises a static detection module, a dynamic detection module and a flow behavior analysis module, wherein the static detection module is used for performing static detection on downloaded mobile applications by calling a static detection interface; the dynamic detection module is used for performing secondary detection on the mobile applications which are detected to be normal by the static detection module by calling an API interface provided by a third-party dynamic detection service; and the flow behavior analysis module is used for processing flow of applications installed by a user and detecting whether flow behaviors are generated by malicious software or not through a flow detection service model. A novel proxy server having a triple detection capability is designed. Through primary and secondary detection, the security of the mobile applications installed by the user is basically ensured. Through tertiary flow detection, effective identification of malicious behaviors generated by the malicious software is ensured.

Description

technical field [0001] The invention relates to a working mechanism of a novel proxy server, in particular to a proxy server with mobile terminal malicious software behavior detection capability and a working method. Background technique [0002] With the rapid popularization of mobile terminals, applications on mobile terminals are emerging in an endless stream. Every day, millions of mobile terminal applications appear in major third-party application markets, such as the domestic Android market, Baidu application market, and Anzhi market. Foreign Google Marketplace, Amazon Store, AppleStore, etc. Although the third-party application market has already scanned the installation files for malicious codes before the mobile application is put on the shelves, it is still found that a large number of malicious applications exist in the major third-party application markets. The DroidDream family of malware, discovered in 2011, had infected more than 260,000 Android devices befo...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/1416H04L67/56
Inventor 张蕾李群陈贞翔杨波韩泓波曹栋
Owner UNIV OF JINAN
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap