Android malicious software efficient detection method and system based on runtime data analysis, and medium

A malware and data analysis technology, applied in the field of software and information security, can solve problems such as long training time, and achieve the effect of improving accuracy, reducing training time, and strengthening relevance

Active Publication Date: 2019-12-03
GUANGXI UNIV
View PDF2 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Due to the large amount of useless information extracted from static features, the training time will be too long

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Android malicious software efficient detection method and system based on runtime data analysis, and medium
  • Android malicious software efficient detection method and system based on runtime data analysis, and medium
  • Android malicious software efficient detection method and system based on runtime data analysis, and medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0038] Such as figure 1 and figure 2 As shown, the implementation steps of the Android malware efficient detection method based on runtime data analysis in this embodiment include:

[0039] 1) Obtain the package name and startup page name (Activity) of APP (Android software);

[0040] 2) After running the APP based on the package name and startup page name, use the operation simulation tool to simulate the human behavior on the APP, track and record and generate the running data of the APP. The running data of the APP includes the calling of the APP to the API and the calling of the API to the API Information;

[0041] 3) Extract the operating data of the APP through the heterogeneous information network HIN to obtain the structured data of the operating data of the APP, and use the structured data of the operating data of the APP to form a kernel matrix in the form of meta paths; the heterogeneous information network HIN Including two types of nodes and two types of edges, ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an Android malicious software efficient detection method and a system based on runtime data analysis, and a medium. After an APP is run, behavior operation of a person on the APP is simulated, tracked and recorded, and running data of the APP is generated; extracting the operation data of the APP through a heterogeneous information network HIN to obtain structured data of the operation data of the APP, and forming a kernel matrix in a meta-path mode; and inputting the kernel matrix into a pre-trained machine learning classifier to obtain a detection result. According tothe invention, the behavior data of the APP is extracted by using a dynamic feature extraction technology; according to the method, the extracted APP behavior data is subjected to structured processing through the heterogeneous information network (HIN), the structured data forms a kernel matrix in a meta-path mode, and training is performed by using a support vector machine (SVM) classifier, sothat very short training time and relatively high accuracy can be realized.

Description

technical field [0001] The invention relates to the technical field of software and information security, in particular to a method, system and medium for efficiently detecting Android malware based on runtime data analysis. Background technique [0002] As the mobile platform with the highest market share, the Android system has built an open ecosystem. Its openness promotes the prosperity of the application market, but at the same time, it also brings great security threats to users due to the proliferation of malicious software. The "2018 Android Malware Special Report" released by 360 Internet Security Center shows that in the whole year of 2018, 360 Internet Security Center intercepted about 4.342 million new malware samples on the mobile terminal, with an average of about 12,000 new malware samples per day. The cumulative number of monitored mobile malware infections is about 110 million, and the average daily malware infection is about 292,000. Android malware detec...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06N20/10
CPCG06F21/566G06N20/10
Inventor 吕品乔智许嘉李陶深
Owner GUANGXI UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products