Android malware static detection method based on random forest

A malicious software and random forest technology, applied in the field of information security, can solve the problems of high false alarm rate, high resource consumption, low accuracy rate of unknown software, etc., to overcome the low accuracy rate, easy to expand, and ensure objectivity and accuracy sexual effect

Inactive Publication Date: 2017-06-13
XIJING UNIV
View PDF6 Cites 31 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] The object of the present invention is to provide a kind of Android malicious software static detection technology based on random forest, overcome the low accuracy rate (that is, the universality of malware feature is relatively poor) when unknown software is detected by traditional static detection technology problems, and made up for the relatively complex process of dynamic detection technology, the consumption of more resources, and the high false alarm rate caused by insufficient training.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Android malware static detection method based on random forest
  • Android malware static detection method based on random forest
  • Android malware static detection method based on random forest

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0034] The present invention will be further described below in conjunction with the examples.

[0035] A kind of Android malicious software static detection method based on random forest, this detection method comprises the following steps:

[0036] Step 1): Obtain 1065 normal Android applications and 1065 malicious applications from the Android market and http: / / virusshare.com / ;

[0037] Step 2): use apktool.jar to decompile the APK files of all applications, select 600 normal applications and malicious applications as research objects for statistical analysis to form a training set, and the remaining APKs form a test set;

[0038] Step 3): Extract permission features, extract all permissions, system events, and requested APIs that appear in malicious apps and normal apps as features, use TF-IDF or cosine similarity methods to calculate the frequency of occurrence of each feature and calculate The ratio of the number of times a certain feature appears in 600 malicious softw...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to an Android malware static detection method based on random forest and belongs to the technical field of network security. According to the method, characteristic vectors consisting of permissions, monitored system events, sensitive APIs and permission rates are constructed, a training model and a prediction model of Android malware based on a random forest algorithm in support machine learning are established, then, the validity of the models is verified through sample calculation with a tenfold cross validation method. The prediction accuracy of the model can reach 89.91%. The method has the significant advantages as follows: 1) main characteristics involved in each Android application are acquired with a simple and quick static analysis method, besides, no dynamic tracking is involved, and the characteristics of low cost and high efficiency are realized; 2) the used four groups of characteristic vectors comprising the permissions, monitored system events, sensitive APIs and permission rates can be captured easily by each Android application, and the method is easy to popularize on an Android platform.

Description

technical field [0001] The invention relates to a detection method of an Android malicious App. The detection method is based on a random forest algorithm in machine learning and belongs to the field of information security. Background technique [0002] Google's Android platform has developed rapidly in recent years, and has occupied a dominant position in the market. The types and numbers of Android software have increased sharply, and malicious software has also emerged in an endless stream. According to statistics, the number of malicious software based on the Android platform is increasing exponentially, which poses a serious security threat to users. Smartphones provide users with great convenience and speed, such as: they can enjoy mobile banking services, mobile client malls, web search and social networking services anytime and anywhere. security vulnerabilities and threats. At present, hackers are gradually expanding their attack targets from personal computers t...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06K9/62
CPCG06F21/563G06F2221/033G06F18/285G06F18/2113G06F18/214G06F18/24323
Inventor 尤著宏施炜雷朱会娟张善文苗发彪
Owner XIJING UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap