Big data hybrid Android malicious code detection method and apparatus

A hybrid malicious code detection technology, applied in the field of big data hybrid Android malicious code detection, that addresses the lack of an effective solution to the high false alarm rate, achieving more detailed and comprehensive detection, high reliability, and a reduced false alarm rate.

Inactive Publication Date: 2018-04-03
HANGZHOU ANHENG INFORMATION TECH CO LTD

AI Technical Summary

Problems solved by technology

[0004] The traditional detection methods for Android malicious code have a high false positive rate, and there is currently no effective solution to this technical problem.



Examples


Embodiment 1

[0051] An embodiment of the present invention provides a big data hybrid Android malicious code detection method which, as shown in Figure 1, includes:

[0052] Step S102, obtaining the installation package of the application to be analyzed, wherein the application to be analyzed is an application running on the Android device.

[0053] Step S104, decompose the installation package to obtain decomposed data, and perform feature extraction from the decomposed data to obtain the attribute characteristics of the installation package. The decomposed data includes at least one of the following: configuration files, digital signature certificates and executable files.

[0054] Step S106, based on the attribute characteristics, perform malicious code detection on the installation package.
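Steps S102 to S106 sketched as an added example (not code from the patent): the package is split into its configuration file, v1 signature blocks and DEX executables, and a few attribute features are derived from each. The page does not say how detection uses the features, so the rules in `detect`, the `denylist` parameter and the constructed sample package are assumptions.

```python
import hashlib, io, re, struct, zipfile

SIG_RE = re.compile(r"^META-INF/[^/]+\.(RSA|DSA|EC)$")  # v1 (JAR) signature blocks
DEX_RE = re.compile(r"^classes\d*\.dex$")               # Dalvik executables
AXML_MAGIC = b"\x03\x00\x08\x00"                        # binary AndroidManifest.xml header

def decompose(apk_bytes):
    """Step S104: split the package into the three kinds of decomposed data."""
    parts = {"config": {}, "certs": {}, "dex": {}}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as z:
        for name in z.namelist():
            kind = ("config" if name == "AndroidManifest.xml" else
                    "certs" if SIG_RE.match(name) else
                    "dex" if DEX_RE.match(name) else None)
            if kind:
                parts[kind][name] = z.read(name)
    return parts

def extract_features(parts):
    """Step S104: derive attribute features from the decomposed data."""
    def dex_ok(d):  # magic "dex\n", NUL-terminated version, header file_size == real size
        return (len(d) >= 0x70 and d[:4] == b"dex\n" and d[7:8] == b"\x00"
                and struct.unpack_from("<I", d, 32)[0] == len(d))
    return {
        "manifest_is_axml": parts["config"].get("AndroidManifest.xml", b"")[:4] == AXML_MAGIC,
        # digest of the whole signature block file, not of the parsed certificate
        "signer_block_sha256": sorted(hashlib.sha256(d).hexdigest() for d in parts["certs"].values()),
        "bad_dex": sorted(n for n, d in parts["dex"].items() if not dex_ok(d)),
    }

def detect(features, denylist=frozenset()):
    """Stand-in for step S106 (rules are assumptions): reasons a package is flagged."""
    reasons = [f"{n}: inconsistent DEX header" for n in features["bad_dex"]]
    if not features["manifest_is_axml"]:
        reasons.append("manifest missing or not binary XML")
    if denylist.intersection(features["signer_block_sha256"]):
        reasons.append("signer block digest on denylist")
    return reasons

def build_sample_apk(dex_declared_size=0x70):
    """Constructed sample input: a minimal zip shaped like an APK, not a real app."""
    dex = b"dex\n035\x00" + b"\x00" * 24 + struct.pack("<I", dex_declared_size) + b"\x00" * (0x70 - 36)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("AndroidManifest.xml", AXML_MAGIC + b"\x00" * 4)
        z.writestr("META-INF/CERT.RSA", b"constructed-signature-block")
        z.writestr("classes.dex", dex)
    return buf.getvalue()
```

Packages signed only with APK Signature Scheme v2 or later carry their signature in the APK Signing Block rather than under `META-INF/`, which this example does not read.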

[0055] The big data hybrid Android malicious code detection method provided by the embodiment of the present invention decomposes the installation package to obtain decomposed data, th...

Embodiment 2

[0111] As shown in Figures 3 to 4, an embodiment of the present invention provides a big data hybrid Android malicious code detection device.

[0112] Referring to Figure 3, the big data hybrid Android malicious code detection device includes:

[0113] The first acquiring module 100 is configured to acquire an installation package of an application to be analyzed, wherein the application to be analyzed is an application running on an Android device;

[0114] The decomposing and extracting module 200 is configured to decompose the installation package to obtain decomposed data, and to perform feature extraction on the decomposed data to obtain the attribute characteristics of the installation package. The decomposed data includes at least one of the following: configuration files, digital signature certificates and executable files;

[0115] The detection module 300 is configured to detect malicious codes on the installation package based on attribute characteristics....

Embodiment 3

[0141] An embodiment of the present invention provides a computer-readable medium having a non-volatile program code executable by a processor, and the program code causes the processor to execute the method of Embodiment 1.

[0142] Specifically, the storage medium includes: a USB flash drive, a mobile hard disk, a read-only memory (ROM, Read-Only Memory), a random access memory (RAM, Random Access Memory), a magnetic disk or an optical disk, and other media that can store program codes.

[0143] In the embodiment of the present invention, the program code causes the processor to execute the method of Embodiment 1, that is, to decompose the installation package to obtain decomposed data, where the decomposed data includes at least one of the following: configuration files, digital signature certificates and executable files; feature extraction is then performed on the decomposed data, and based on attribute features, malicious code detection is performed on the installation...


Abstract

The present invention provides a big data hybrid Android malicious code detection method and apparatus, and relates to the technical field of computer security. The method comprises: obtaining an installation package of a to-be-analyzed application, wherein the to-be-analyzed application is an application running on an Android device; decomposing the installation package to obtain decomposition data, and carrying out feature extraction on the decomposition data to obtain attribute features of the installation package, wherein the decomposition data comprises at least one of the following: a configuration file, a digital signature certificate, and an executable file; based on the attribute features, carrying out malicious code detection on the installation package. According to the method and apparatus provided by the present invention, the technical problem that the traditional Android malicious code detection method has a high false alarm rate is alleviated.

Description

Technical field

[0001] The invention relates to the technical field of computer security, in particular to a big data hybrid Android malicious code detection method and device.

Background

[0002] With the popularity of the 4G era and the improvement of the performance of mobile terminals, mobile terminals have replaced PCs as the main interactive terminals of the Internet. Of the two major mobile operating systems, Android accounted for 86.2% of the market in 2016 due to its open source features, followed by an explosive growth in the number of Android applications (Application, APP).

[0003] The Android system uses the official Java development language and system framework to develop APPs, which makes it difficult to reinforce and protect APPs, and further makes the technical threshold of malicious code implantation methods such as repackaging and forged applications low, making mobile terminals infected with infectious viruses similar to PC files. ...


Application Information

IPC(8): G06F21/56
CPC: G06F21/563, G06F21/566
Inventor: 余皇南, 范渊
Owner HANGZHOU ANHENG INFORMATION TECH CO LTD