An Android malware detection method and technology based on a behavior graph

A malware and detection method technology, applied in the field of computer security, can solve the problems of imperfect feature extraction in detection methods, detection methods cannot be effectively adapted, low accuracy rate, etc., to achieve a good recognition rate, improve reliability, and improve accuracy sexual effect

Inactive Publication Date: 2019-01-11
SICHUAN UNIV
View PDF7 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] The purpose of the present invention is to improve the low detection accuracy of the existing detection methods, the imperfect feature extraction of the detection method based on the graph structure, and the inability of the detection method based on batch processing learning to effectively adapt to the newly added malware types, etc., to provide A behavior graph-based Android malware detection method and detection model, using static analysis as the main method and dynamic analysis as the auxiliary detection method

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • An Android malware detection method and technology based on a behavior graph
  • An Android malware detection method and technology based on a behavior graph
  • An Android malware detection method and technology based on a behavior graph

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0017] The present invention will be further described below in conjunction with accompanying drawings and examples. The invention aims to provide a method and a model for detecting Android malicious software, accurately identify and detect malicious behaviors of application programs, and protect the security of system and user data.

[0018] The present invention provides a novel detection idea, which is different from the mainstream technology for analyzing signatures and behaviors of malicious codes. This is a detection method based on image kernels, and its main advantage lies in the The information is more complete. According to this idea, a behavior graph-based Android malware detection model is designed. The overall structure of the model is as follows: figure 1 As shown, it is mainly divided into preprocessing module, feature extraction module and classification module. Among them, the preprocessing module completes the preprocessing of the application program samples...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to the technical field of mobile platform malicious code detection, aiming at providing an Android malware detection method and model based on a behavior graph. The method adoptsa detection scheme based on behavior graph, which comprises the following steps: converting application binary data into behavior graph containing directed edges; providing a new feature extraction method based on graph kernel, which extracts more complete feature information from the data of graph structure, wherein the feature contains context-related structured feature information, and can represent the specific behavior of application program more accurately; adopting a stochastic combinatorial updating machine learning algorithm based on on-line multi-core learning to update the model automatically to adapt to the ever-changing distribution; by designing comparative experiments, recording experimental data, and counting the general differences in the criteria for the designation ofthe method. This model has wide applicability and can detect unknown malware effectively. The invention provides a new solution for detecting Android malicious software.

Description

technical field [0001] The invention relates to a behavior graph-based Android malicious software detection method and technology, belonging to computer security technology. Background technique [0002] With the rapid development of smartphones, mobile platforms are now prime targets for malware aggregation. According to Tencent Security's 2017 Internet Security Report, rogue behavior and resource consumption accounted for over 80% of mobile viruses. Almost all personal data information is saved on mobile devices. In the current era of big data, these user data are quite attractive to illegal personnel. The openness of the Android platform makes it impossible for Google to effectively supervise applications. The low threshold for application development and the diversity of distribution channels also provide great convenience for criminals and great troubles for users. [0003] The Android platform has a complex and diverse ecology, and the security situation of mobile ph...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56
Inventor 方勇张磊刘亮卢正军吴小王
Owner SICHUAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap