Android malicious software detection method and device based on capsule network

A malware detection method, applied in the field of network security, that addresses problems such as detection techniques that cannot be applied to smart mobile device terminals, complex detection model design, and software signature libraries that cannot detect unknown malware. It achieves good detection results and facilitates classification detection.

Active Publication Date: 2019-11-08
PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU

AI Technical Summary

Problems solved by technology

However, today's obfuscation techniques are becoming more and more complex. Signature-based static analysis can be bypassed by multiple obfuscation techniques such as polymorphism, encryption, and packing, and detection methods based on software signature libraries cannot detect new, unknown malware. Behavior-based dynamic detection can avoid the interference of obfuscation, but it needs to dynamically monitor and track executable programs in a honeypot environment, which has the disadvantages of high computing resource requirements and low e

Examples


Example Embodiment

[0028] In order to make the objectives, technical solutions and advantages of the present invention clearer and more comprehensible, the present invention will be described in further detail below with reference to the accompanying drawings and technical solutions.

[0029] At present, there are many problems in the field of malware detection. The detection rate of traditional static detection algorithms drops significantly in the face of code obfuscation, packing, signature and other camouflage technologies; detection methods based on dynamic behavior monitoring occupy a lot of system resources and cannot be applied to Android smart mobile terminals; the feature extraction and screening of malware required in the early stage of machine learning algorithms is too complicated, and cross-platform detection models are less versatile. In view of this, in the embodiment of the present invention, as shown in Figure 1, a capsule network-based Android malware detection method is...


Abstract

The invention belongs to the technical field of network security, and particularly relates to an Android malicious software detection method and device based on a capsule network. The method comprises the following steps: collecting Android software file samples, decompressing each to-be-processed file, converting it into an RGB three-channel color image, and using the RGB three-channel color images as training sample data; constructing a capsule network and training it with the sample data to obtain a trained network model containing a graph structure and network parameters, the capsule network realizing transmission between feature vectors in a capsule layer through an iterative dynamic routing algorithm; and inputting the to-be-detected target file into the trained capsule network model for testing, and judging from the output result whether the target file is a malicious software file. The method and device can run efficiently on the Android operation platform, occupy few resources, are high in efficiency and accuracy, can realize high-accuracy classification detection tasks even under the condition of small-scale training samples, and achieve the purpose of protecting the Android intelligent mobile terminal.
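The preprocessing step described in the abstract (decompress the Android file, then turn its bytes into an RGB image) can be sketched as follows. This is an added example, not code from the patent; the choice of `classes.dex` as the member to convert, the image width, the zero padding, the size cap and the function names are assumptions, since the page does not specify them.

```python
import io
import zipfile

MAX_MEMBER_BYTES = 32 * 1024 * 1024  # assumed cap: refuse oversized members


def member_to_rgb(apk_bytes, member="classes.dex", width=64):
    """Map one file inside an APK (a ZIP archive) to rows of (R, G, B) pixels."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        info = apk.getinfo(member)             # KeyError if the member is absent
        if info.file_size > MAX_MEMBER_BYTES:  # check declared size before inflating
            raise ValueError("member too large")
        data = apk.read(member)
    if not data:
        raise ValueError("empty member")
    row_bytes = 3 * width                       # three consecutive bytes per pixel
    data += b"\x00" * (-len(data) % row_bytes)  # zero-pad the final row
    rows = []
    for off in range(0, len(data), row_bytes):
        row = data[off:off + row_bytes]
        rows.append([tuple(row[i:i + 3]) for i in range(0, row_bytes, 3)])
    return rows


def to_ppm(rows):
    """Serialize pixel rows as a binary PPM (P6) image; needs no image library."""
    header = b"P6\n%d %d\n255\n" % (len(rows[0]), len(rows))
    return header + bytes(c for row in rows for px in row for c in px)


def build_sample_apk():
    """Constructed sample: a tiny ZIP with a fake classes.dex (not a real app)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("classes.dex", b"dex\n035\x00" + bytes(range(10)))
        z.writestr("AndroidManifest.xml", b"<manifest/>")
    return buf.getvalue()


if __name__ == "__main__":
    rows = member_to_rgb(build_sample_apk(), width=4)
    print(len(rows), "rows x", len(rows[0]), "pixels; first pixel", rows[0][0])
```

A fixed width keeps every sample's rows the same length, so images of different heights can later be resized or cropped to the input size the classifier expects.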

Description

Technical field

[0001] The invention belongs to the technical field of network security, in particular to a capsule network-based Android malware detection method and device.

Background technique

[0002] With the advent of the era of big data, Internet technology and mobile Internet technology have achieved rapid development, and the number of malicious application software has also increased rapidly; new mobile malicious application software in particular has shown an exponential growth trend. This presents unprecedented challenges to cyberspace. Existing malware detection methods include: static detection methods that extract features from OpCode n-grams and formal descriptions of Dalvik instructions; dynamic detection methods such as dynamic analysis based on API call sequence comparison and the TaintDroid model, which uses dynamic taint tracking technology; Based on Naive Bayes (NB), Support Vector Machine (SVM) and other machine learning classificatio...


Application Information

IPC(8): G06F21/56, G06N3/04, G06N3/08, G06K9/62
CPC: G06F21/563, G06F21/566, G06N3/08, G06N3/045, G06F18/241
Inventor 周刚王树伟张凤娟王婧陈海勇兰明敬巨星海高李政杨大伟陈靖元
Owner PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU