Event-aware Android malicious software detection method

A technology of malware and detection method, applied in the field of event-aware Android malware detection and malware detection, can solve the problems of indistinguishable, difficult to detect, unable to extract effective semantic information, etc., and achieve the effect of robustness

Active Publication Date: 2019-04-12
WUHAN UNIV
View PDF8 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Behavior hidden in this way is difficult to detect with most motion detection techniques
At the same time, many static detection technologies cannot distinguish APIs in different events, so it is impossible to judge whether the behavior of an event is abnormal
[0006] To sum up, the current Android malicious application detection technology based on static and dynamic analysis cannot adapt well to the evolution of malicious applications. Most of these technologies are based on API calls for detection, but only considered from the API level, and cannot extract Sufficient effective semantic information, so it is difficult to detect malicious applications developed based on new version systems

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Event-aware Android malicious software detection method
  • Event-aware Android malicious software detection method
  • Event-aware Android malicious software detection method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0051] Below in conjunction with accompanying drawing and specific embodiment the present invention will be described in further detail:

[0052] The invention belongs to the field of software security. Considering that when the Android system is updated, there will be API updates and the characteristics of malicious software hiding malicious behavior in various events, an event-aware Android malware detection method is proposed, which is automatically analyzed from the event level. Android software behaviors are used to detect hidden behaviors, and at the same time, converting behaviors in events into API function groups can resist the evolution of malware. The invention can enhance the capability of resisting the degradation of the performance of the detection model caused by the update of the Android system and the evolution of malicious software.

[0053] The method provided by the invention can use computer software technology to realize the process. see figure 2 , an ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an event-aware Android malicious software detection method. The method comprises the following steps: extracting a calling graph of an API in Android software by utilizing FlowDandroid; all events of the Android software are acquired by utilizing the calling graph; converting the API in each event into a word vector by using Doc2Vec; dividing each API in the event into corresponding functional clusters by using a clustering algorithm to form a functional cluster of the event; data features are classified by using a specially designed neural network; and finally, deploying a feature extraction module and a trained neural network to detect the Android software online, and analyzing a behavior mode of the event in the Android software by utilizing a function cluster inthe event to enhance the resistance to malicious software evolution and improve the capability of detecting malicious behaviors hidden by the malicious software.

Description

technical field [0001] The invention belongs to malware detection in the field of software security, and in particular relates to an event-aware Android malware detection method. technical background [0002] With the popularity of Android phones and the proliferation of Android applications, malicious applications have received more and more attention because of their loss of user privacy and property. In 2017, Android accounted for 86 percent of the smartphone market, up 1.1 percent from the previous year. Due to the increasing popularity of the Android system by users and manufacturers and the open source nature of its development ecosystem, more and more malicious applications have appeared in the Android market. These Android applications that steal user privacy for profit have become a Great worry. According to Qihoo 360’s 2017 Android Malware Security Report, 80% of malware is designed to increase user traffic consumption. In addition, other malware, such as Trojans...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06N3/04
CPCG06F21/56G06N3/04Y02D10/00
Inventor 王骞雷涛
Owner WUHAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap