Sensitive subgraph based on malicious android software re-packaging detection method

A technology of repackaging and subgraphs, applied in computer security devices, instruments, electrical digital data processing, etc., can solve problems such as time-consuming, high resource occupancy, and inability to guarantee coverage, so as to reduce false negatives and avoid interference. , The effect of improving the detection success rate

Active Publication Date: 2016-12-07
XI AN JIAOTONG UNIV
View PDF4 Cites 13 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, this detection method consumes a lot of time, has a high occupancy rate of resources, and cannot guarantee the coverage of all execution paths of the target software.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Sensitive subgraph based on malicious android software re-packaging detection method
  • Sensitive subgraph based on malicious android software re-packaging detection method
  • Sensitive subgraph based on malicious android software re-packaging detection method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0041] The implementation of the present invention will be described in detail below in conjunction with the drawings and examples.

[0042] see figure 1 As shown, a kind of Android malicious repackaging program detection method based on sensitive subgraph analysis of the present invention comprises the following steps:

[0043] Step S1: Construct a sensitive function set SA={s based on the open source tool Pscout i |1≤i≤680}, where s i Indicates a sensitive function, and then obtains the category c of the Android program to be detected, such as the weather category. For sensitive functions s i , count the number of times it appears in the malicious data set M(s i ) and in the benign dataset B c The number of occurrences in b(s i , c). Calculate sensitive function s based on TF-IDF-like i With respect to the benign dataset B of category c c and the sensitivity coefficient scs(s of the malicious data set M i , c), the calculation formula is where p represents the to...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a sensitive subgraph based on malicious android software re-packaging detection method. The sensitive subgraph based on malicious android software re-packaging detection method includes the steps that sensitive API weighting calculation is performed, sensitive subgraph establishment is performed based on an android program static function call network, then five different structure characteristics are established by utilizing the difference of sensitive API call structures of sensitive subgraphs in benign programs and malicious re-packaging programs, finally a characteristic space is established for a sample set, analysis and detection are performed by utilizing a machine learning method, and accordingly detection of the malicious re-packaging programs is achieved. A sensitivity coefficient calculation method TF-IDF-like is provided based on text vocabulary weighing detection TF-IDF, the method makes sensitive function coefficient calculation only limited to usage distribution of a function themselves in a malicious data set no longer but combine with usage distribution of the sensitive function in a benign data set, and accordingly false detection alarms caused by higher sensitivity coefficients due to the fact that a part of sensitivity functions in a malicious data set and a benign data set are simultaneously called in quantity are decreased.

Description

technical field [0001] The invention relates to the technical field of Android platform software security, in particular to a detection method for Android malicious repackaged software based on a sensitive subgraph. Background technique [0002] Android mobile phones have received more and more attention in recent years. Many mobile phone users choose Android mobile phones and obtain excellent application software from the mobile APP download market (such as Google Play). A big goal. 360, the global leader in Internet security technology, pointed out in the latest "Internet Security Broadcast" that in the second quarter of 2015, 360 Internet Security Center intercepted a total of 5.5 million new malicious program samples on the Android mobile platform, and intercepted new malicious program samples on mobile phones every day on average. There are nearly 60,400 program samples. A total of 65.73 million users infected by malicious programs on mobile terminals have been detect...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56
CPCG06F21/563G06F2221/033
Inventor 刘均刘烃范铭郑庆华陈天一刘恒农春崯田振洲庄尔悦
Owner XI AN JIAOTONG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap