An Android malware detection method based on depth learning

A malware and deep learning technology, applied in the field of computer and information science, which can solve the problems of low detection accuracy, difficulty in adapting to emerging software, and limited detection scope, and achieve high detection accuracy, easy adaptation, and enhanced features. learning effect

Active Publication Date: 2019-01-25
BEIJING INSTITUTE OF TECHNOLOGYGY
View PDF9 Cites 11 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] The purpose of the present invention is to solve the problems of low detection accuracy, limited detection scope, and difficulty in a

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • An Android malware detection method based on depth learning
  • An Android malware detection method based on depth learning
  • An Android malware detection method based on depth learning

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] In order to better illustrate the purpose and advantages of the present invention, the implementation of the method of the present invention will be further described in detail below in conjunction with examples.

[0026] The specific process is:

[0027] Step 1, get Android positive and negative sample files, and then preprocess the files

[0028] In step 1.1, a total of 24,552 malicious Android software libraries were obtained from http: / / amd.arguslab.org / behaviors, and 21,000 normal software libraries were obtained from the Android market.

[0029] Step 1.2, for each application software, extract the AndroidManifest.xml file, res file, classes.dex file and other files of the Android application software through the Andguard tool for subsequent analysis.

[0030] Step 1.3, decompile the class.dex file through the Andguard tool, and then extract the Dalvik opcode of each Smalli file.

[0031] Step 2, feature extraction is performed on the Android application file.

...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to an Android malware detection method based on depth learning, belonging to the field of computer and information science and technology. The invention firstly extracts featuresof Android application software, and then extracts relevant security features by decompressing and decompressing Android application files. The extracted features include three aspects: file structure feature, security experience feature and N-Gram statistic characteristic. Then the extracted features are numerically processed to construct feature vectors. Finally, a DNN (Deep Neural Network) model is constructed based on the above extracted features. The new Android software is classified and identified by the constructed model. This method combines the analysis of instruction set and has the function of anti-malware confusion. At the same time, malware detection based on depth model can enhance the feature learning, can express the abundant information of big data, and can adapt to theevolving malware more easily.

Description

technical field [0001] The invention relates to a deep learning-based Android malware detection method, which belongs to the technical field of computer and information science. Background technique [0002] With the continuous development of the mobile Internet, smart terminals have become an important part of everyone's life. Android, as the most widely used mobile operating system, has led to the proliferation of malware due to its open and flexible ecological environment. How to effectively detect Android malware is a research topic with great value. The current mainstream Android malicious code detection methods are roughly divided into static detection methods and dynamic detection methods. [0003] 1. Dynamic detection method [0004] The so-called dynamic detection and analysis refers to the method of extracting features for detection and analysis after the detected program is running. The dynamic detection method is mainly to analyze the software by running the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/56G06K9/62G06N3/04G06N3/08
CPCG06F21/563G06N3/04G06N3/08G06F18/24
Inventor 罗森林张寒青潘丽敏
Owner BEIJING INSTITUTE OF TECHNOLOGYGY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap