An Android malicious software detection method based on a sensitive calling path

A technology of malware and detection methods, applied in the field of information security, can solve the problems of low accuracy and insufficient granularity, and achieve the effect of high precision, easy expansion, and improvement of the degree of intelligent detection

Active Publication Date: 2019-04-26
XIDIAN UNIV
View PDF6 Cites 16 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, if these features are properly used by Android applications, the filtering mechanism in this me

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • An Android malicious software detection method based on a sensitive calling path
  • An Android malicious software detection method based on a sensitive calling path
  • An Android malicious software detection method based on a sensitive calling path

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0032] The present invention will be described in further detail below in conjunction with the accompanying drawings.

[0033] refer to figure 1 , the implementation steps of the present invention are as follows:

[0034] Step 1, collect malicious and benign Android application software samples.

[0035] Download and collect known malicious and benign Android application software samples from domestic and foreign mainstream application markets and public data sets, among which malicious samples and benign samples account for half each, and the number of each sample is not less than B, and B is greater than or equal to 1 positive integer;

[0036] This embodiment downloads and collects 16,300 Android malicious software and 16,300 Android benign software from Google Play, Drebin data set, and VirusShare sample library.

[0037] Step 2, build a sensitive target interface API list.

[0038] The sensitive target interface API list refers to a series of sensitive target interfac...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an Android malicious software detection method based on a sensitive calling path, and mainly solves the problem that an existing scheme is low in malicious software detection accuracy. According to the scheme, a sensitive target interface API list is constructed through a natural language processing technology; Generating a sensitive calling path set by using the Android application software subjected to reverse analysis; Taking the sensitive calling path as a feature, and establishing an Android sensitive calling path feature library by analyzing a large number of benign software and malicious software data sets; Processing the sensitive calling path set of the sample into a feature vector, and training a classifier model by adopting a supervised machine learning algorithm by utilizing the feature vector; And detecting whether the Android application software with unknown security is malicious software or not by using the trained classifier model. The method ishigh in precision, easy to expand and remarkable in intelligence, and can be used for automatic detection of the mobile terminal and examination and analysis of the Android application market.

Description

technical field [0001] The invention belongs to the technical field of information security, and in particular relates to an Android malicious software detection method, which can be used for automatic detection of mobile terminals and review and analysis of Android application markets. Background technique [0002] The Android system is currently the most popular and widely used mobile operating system carried on mobile terminals. As Android applications are deeply integrated into human life, malware is also on the rise. According to the latest threat report released by McAfee Labs in March 2018, by the end of 2017, the total number of mobile malware had reached nearly 25 million, and the global mobile malware infection rate exceeded 11%. Once a user installs and infects a malicious program, all private data will face the risk of being stolen and manipulated, which will cause great harm. [0003] The Android platform has a large number of applications. It is necessary to ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/56G06K9/62
CPCG06F21/561G06F18/24G06F18/214
Inventor 陈均孙聪杨超王超许昕鹏马豫宛冯鹏斌
Owner XIDIAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap