Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Android malware detection method and device based on capsule network

A malware and detection method technology, applied in the field of network security, can solve problems such as complex detection model design, inability to apply smart mobile device terminals, cumbersome feature extraction and screening work, and achieve favorable classification detection and good detection results

Active Publication Date: 2021-05-04
PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU
View PDF9 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, today's obfuscation techniques are becoming more and more complex. Static analysis techniques based on signatures can be bypassed by multiple obfuscation techniques such as polymorphism, encryption, and packaging, while detection methods based on software signature libraries cannot detect new unknown malware; behavior-based Although the dynamic detection technology can avoid the interference of obfuscation technology, it needs to dynamically monitor and track executable programs in a honeypot environment, which has the disadvantages of high computing resource requirements and low execution efficiency, and cannot cope with large-scale sample detection. Disadvantages that cannot be applied to smart mobile device terminals; the feature extraction and screening of malware in the early stage of machine learning classification algorithms is too cumbersome, and the design of detection models is too complicated; detection algorithms based on convolutional neural networks require a large number of data samples to obtain good results. classification effect
None of the above detection methods can work well on smart mobile terminals based on the Android operating device platform.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Android malware detection method and device based on capsule network
  • Android malware detection method and device based on capsule network
  • Android malware detection method and device based on capsule network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] In order to make the purpose, technical solution and advantages of the present invention more clear and understandable, the present invention will be further described in detail below in conjunction with the accompanying drawings and technical solutions.

[0029] At present, there are many problems in the field of malware detection. The detection rate of traditional static detection algorithms is significantly reduced in the face of code obfuscation, packing, signature and other masquerade technologies; detection methods based on dynamic behavior monitoring occupy more system resources and cannot be applied to Android smart mobile Terminal; the feature extraction and screening of malware in the early stage of the machine learning algorithm is too complicated, and the cross-platform detection model has poor versatility. In view of this, in the embodiment of the present invention, see figure 1 As shown, a capsule network-based Android malware detection method is provided,...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention belongs to the technical field of network security, and particularly relates to a capsule network-based Android malware detection method and device. The method includes: collecting Android software file samples, decompressing files to be processed, and converting them into RGB three-channel color images as Training sample data; construct a capsule network, and use the sample data to train the capsule network to obtain a trained network model including graph structure and network parameters. Transfer; input the target file to be detected into the trained capsule network model for testing, and judge whether the target file to be detected is a malware file through the output result. The invention can run efficiently on the Android operating platform, occupy less resources, and have high efficiency and accuracy. Even in the case of small-scale training samples, the classification and detection tasks with high accuracy can be realized, and the purpose of protecting Android smart mobile terminals is achieved.

Description

technical field [0001] The invention belongs to the technical field of network security, in particular to a capsule network-based Android malware detection method and device. Background technique [0002] With the advent of the era of big data, Internet technology and mobile Internet technology have achieved rapid development, and the number of malicious application software has also increased rapidly, especially the new mobile malicious application software has shown an exponential growth trend. Space presents unprecedented challenges. Existing malware detection methods include: static detection methods based on OpCoden-gram type and formal description of Dalvik instructions to extract features; dynamic detection methods such as dynamic analysis based on API call sequence comparison, TaintDroid model using dynamic taint tracking technology; Based on Naive Bayesian (NativeBes, NB), Support Vector Machine (Support Vector Machine, SVM) and other machine learning classificatio...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56G06N3/04G06N3/08G06K9/62
CPCG06F21/563G06F21/566G06N3/08G06N3/045G06F18/241
Inventor 周刚王树伟张凤娟王婧陈海勇兰明敬巨星海高李政杨大伟陈靖元
Owner PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com