Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A deep learning-based android malware detection method

A malicious software and deep learning technology, applied in the field of computer and information science, can solve problems such as difficulty in adapting to emerging software, low detection accuracy, and limited detection scope, and achieve easy adaptation, high detection accuracy, and enhanced features learning effect

Active Publication Date: 2021-10-12
BEIJING INSTITUTE OF TECHNOLOGYGY
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] The purpose of the present invention is to solve the problems of low detection accuracy, limited detection scope, and difficulty in adapting to emerging software in conventional Android malware detection methods, and propose a malware detection method based on deep learning

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A deep learning-based android malware detection method
  • A deep learning-based android malware detection method
  • A deep learning-based android malware detection method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] In order to better illustrate the purpose and advantages of the present invention, the implementation of the method of the present invention will be further described in detail below in conjunction with examples.

[0026] The specific process is:

[0027] Step 1, get Android positive and negative sample files, and then preprocess the files

[0028] In step 1.1, a total of 24,552 malicious Android software libraries were obtained from http: / / amd.arguslab.org / behaviors, and 21,000 normal software libraries were obtained from the Android market.

[0029] Step 1.2, for each application software, extract the AndroidManifest.xml file, res file, classes.dex file and other files of the Android application software through the Andguard tool for subsequent analysis.

[0030] Step 1.3, decompile the class.dex file through the Andguard tool, and then extract the Dalvik opcode of each Smalli file.

[0031] Step 2, feature extraction is performed on the Android application file.

...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a deep learning-based Android malware detection method, which belongs to the technical field of computer and information science. The invention first extracts the features of the Android application software, and then extracts the relevant security features through operations such as decompressing and decompiling the Android application files. The extracted features include three aspects: file structure features, security experience features, and N-gram statistical features composed of Dalvik instruction sets. Then the extracted features are numerically processed to construct feature vectors. Finally, a DNN (Deep Neural Network) model is constructed based on the above extracted relevant features. Classify and identify new Android software through the constructed model. This method combines the analysis of the instruction set, which has the effect of resisting malware confusion. At the same time, the malware detection based on the deep model can enhance feature learning, can well express the rich internal information of big data, and is easier to adapt to the evolving malware. .

Description

technical field [0001] The invention relates to a deep learning-based Android malware detection method, which belongs to the technical field of computer and information science. Background technique [0002] With the continuous development of the mobile Internet, smart terminals have become an important part of everyone's life. Android, as the most widely used mobile operating system, has led to the proliferation of malware due to its open and flexible ecological environment. How to effectively detect Android malware is a research topic with great value. The current mainstream Android malicious code detection methods are roughly divided into static detection methods and dynamic detection methods. [0003] 1. Dynamic detection method [0004] The so-called dynamic detection and analysis refers to the method of extracting features for detection and analysis after the detected program is running. The dynamic detection method is mainly to analyze the software by running the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56G06K9/62G06N3/04G06N3/08
CPCG06F21/563G06N3/04G06N3/08G06F18/24
Inventor 罗森林张寒青潘丽敏
Owner BEIJING INSTITUTE OF TECHNOLOGYGY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products