Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Android malicious software detection method based on API characteristics

A technology of malware and detection methods, applied in the fields of instruments, digital data processing, platform integrity maintenance, etc., which can solve problems such as consumption of traffic for no reason, crashes, file and data damage in mobile phones, etc.

Active Publication Date: 2018-02-23
JINAN UNIVERSITY
View PDF4 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Android malware has had a great impact on the daily use of users. Common problems include: harassing calls and text messages, slow or dead mobile phones, unreasonable consumption of traffic, notification bars and pop-up ads, malicious chargebacks, files and data in mobile phones Destruction, leakage of personal information such as address book text messages, mobile phone poisoning or Trojan horses, and account information being stolen, etc.
Static detection technology mainly obtains information such as software components, applied permissions, and called APIs by decompiling the application, and then selects one or several of them as features, and compares it with the samples in the malicious sample library to judge the application. Whether it is malicious or not, but due to the rapid variation of malicious samples, the recognition accuracy of this detection method is not satisfactory

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Android malicious software detection method based on API characteristics
  • Android malicious software detection method based on API characteristics
  • Android malicious software detection method based on API characteristics

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0078] The invention discloses a method for detecting Android malware based on API features, such as figure 1 As shown, the steps are as follows:

[0079] Step S1, obtain a certain number of Android malware training samples to construct the first training sample set, obtain a certain number of Android non-malware training samples to construct the second training sample set; in this embodiment, the Android malicious software in the first training sample set The quantity of software training sample is greater than the quantity of the Android non-malicious software training sample in the second training sample set, obtains 944 Android malicious software training samples to construct the first training sample set in the present embodiment, in the present embodiment, obtains 171 Android non-malware training samples.

[0080] Step S2, for each training sample in the first training sample set and the second training sample set, analyze the API features called in each APK file, there...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an Android malicious software detection method based on API characteristics. The method comprises the steps that a first training sample set and a second training sample set are established, and API characteristic vectors of the training samples are extracted; various API characteristics are selected out according to a value d to form a first API set; a hierarchical structure model of the API characteristics is established to generate first paired comparison matrixes corresponding to second and third layers and second paired comparison matrixes of API packets, and weight vectors are calculated according to the comparison matrixes; weights of the API characteristics in the first API set are calculated; weights eta of the API characteristics called by test samples arecalculated according to the API characteristic vectors of the test samples and the weights of the API characteristics in the first API set; finally, the eta and judgment factors k are compared, whether the test samples are Android malicious software or not is judged according to comparison results, and the detection accuracy of Android malicious software is greatly improved.

Description

technical field [0001] The present invention relates to a detection method of malicious software, in particular to an Android malicious software detection method based on API (Application Programming Interface, Application Programming Interface). Background technique [0002] The fiery mobile Internet has led a new wave of the Internet, and Android has become the most popular mobile operating system in the mobile Internet era. While Android is popular, its own security problems are also becoming more and more prominent. For example, security loopholes are frequently exploited, the number of malicious applications is explosively increasing, and user privacy and property are facing serious security threats. Therefore, the research on the security of Android applications has important academic and application value. Android malware has had a great impact on the daily use of users. Common problems include: harassing calls and text messages, slow or dead mobile phones, unreasona...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56
CPCG06F21/566
Inventor 孙玉霞赵晶晶刘明翁健
Owner JINAN UNIVERSITY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com