
Method, device and storage medium for detecting Android malicious programs based on API

A malicious program detection technology, applied in the field of network security

Active Publication Date: 2019-01-18
INST OF INFORMATION ENG CAS

AI Technical Summary

Problems solved by technology

However, a feature vector with binary (0,1) values can only indicate that a certain sensitive behavior has been detected; having a certain sensitive behavior does not mean that the application is malicious. The malicious degree of an Android application is correlated with the expected functionality of the program itself.


Embodiment Construction

[0012] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention. Obviously, the described embodiments are a part of the embodiments of the present invention, but not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0013] Embodiments of the present invention provide an API-based Android malicious program detection method, device and storage medium. In the existing Android system, an APK file organizes a series of functions into classes; these functions call application programs, and those calls are made through APIs. ...


Abstract

An embodiment of the invention provides an API-based Android malicious program detection method, which includes: decompiling the APK file to obtain smali files; obtaining a sensitive API set with the PScout tool; matching the APIs in the smali files against the APIs in the sensitive API set, the successfully matched APIs forming a matching sensitive API set; using the LibD tool to eliminate the APIs called by third-party libraries from the matching sensitive API set, yielding a purified matching sensitive API set; constructing a first feature vector from the purified matching sensitive API set, and reconstructing the first feature vector with the TF-IDF algorithm to obtain a second feature vector; taking the second feature vector as the training set, training a deep learning model to obtain an effective classification model; and using the effective classification model to detect Android programs and identify Android malicious programs. The embodiment of the invention also provides an active interactive device and a non-transitory readable storage medium for realizing the method. The invention can accurately detect Android malicious programs.
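The feature-extraction steps of the abstract (match, purify, first vector, TF-IDF reweighting), as an added Python example that is not code from the patent. Assumptions: the sensitive API list and the library prefix are constructed stand-ins for PScout and LibD output, the first feature vector is taken to be per-API call counts, and the TF-IDF variant is tf = share of the app's sensitive calls, idf = ln(N / df).

```python
import math
import re
from collections import Counter

# Constructed stand-ins: PScout would supply the sensitive APIs, LibD the library packages.
SENSITIVE_APIS = [
    "Landroid/telephony/TelephonyManager;->getDeviceId",
    "Landroid/telephony/SmsManager;->sendTextMessage",
    "Landroid/location/LocationManager;->getLastKnownLocation",
]
THIRD_PARTY_PREFIXES = ("Lcom/adlib/",)

CLASS_RE = re.compile(r"^\.class\s+.*?(L[\w/$]+;)\s*$")
INVOKE_RE = re.compile(r"^\s*invoke-[\w/]+\s+\{[^}]*\},\s*(L[\w/$]+;->[\w$<>]+)\(")

def purified_counts(smali_text):
    """Count sensitive API calls whose calling class is not in a third-party library."""
    counts, caller = Counter(), ""
    for line in smali_text.splitlines():
        if m := CLASS_RE.match(line):
            caller = m.group(1)
        elif m := INVOKE_RE.match(line):
            api = m.group(1)
            if api in SENSITIVE_APIS and not caller.startswith(THIRD_PARTY_PREFIXES):
                counts[api] += 1
    return counts

def tfidf_vectors(apps):
    """Map {app: smali text} to {app: TF-IDF weights ordered like SENSITIVE_APIS}."""
    counts = {name: purified_counts(text) for name, text in apps.items()}
    # Assumed variant: tf = share of the app's sensitive calls, idf = ln(N / df).
    df = {api: sum(1 for c in counts.values() if c[api]) for api in SENSITIVE_APIS}
    def weight(c, api):
        return c[api] / (sum(c.values()) or 1) * math.log(len(apps) / df[api]) if df[api] else 0.0
    return {name: [weight(c, api) for api in SENSITIVE_APIS] for name, c in counts.items()}

# Constructed sample apps, reduced to the smali lines the parser reads (descriptors shortened).
ID = "invoke-virtual {v0}, Landroid/telephony/TelephonyManager;->getDeviceId()Ljava/lang/String;\n"
SMS = "invoke-virtual {v0, v1}, Landroid/telephony/SmsManager;->sendTextMessage(Ljava/lang/String;)V\n"
LOC = "invoke-virtual {v0, v1}, Landroid/location/LocationManager;->getLastKnownLocation(Ljava/lang/String;)Landroid/location/Location;\n"
SAMPLE_APPS = {
    "flashlight": ".class public Lcom/example/flash/Main;\n" + ID + ".class public Lcom/adlib/Tracker;\n" + LOC,
    "sms_sender": ".class public Lcom/example/sms/Main;\n" + ID + SMS + SMS,
    "maps": ".class public Lcom/example/maps/Main;\n" + ID + LOC,
}
for app, vec in tfidf_vectors(SAMPLE_APPS).items():
    print(app, [round(w, 3) for w in vec])
```

In the sample, `getDeviceId` is called by every app and so receives weight 0 everywhere, while a binary vector would have marked it 1 in all three; the location call made only by the ad library is dropped from the flashlight app before weighting.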

Description

Technical field

[0001] The embodiment of the present invention relates to the technical field of network security, in particular to an API-based Android malicious program detection method, device and storage medium.

Background technique

[0002] Android malicious application attack technology has become increasingly mature, and new malware emerges in an endless stream, with many characteristics such as involving a wide range of areas, affecting a wide range, being difficult to detect, leaking state secrets, and causing economic losses to users. Many domestic and foreign scholars have done a lot of research on detection for the Android system.

[0003] The current mainstream Android malware detection method is: first, extract the static or dynamic features of the Android application, and combine the static or dynamic features to generate the feature vector of the application; each element of the feature vector is marked as 1 if the corresponding feature is detected, otherwise 0. Then, use a certain machine learning algorithm to train ...


Application Information

IPC(8): G06F21/56
CPC: G06F21/563, G06F2221/033
Inventor: 刘超, 喻民, 李佳楠, 朱大立, 姜建国, 黄伟庆
Owner: INST OF INFORMATION ENG CAS