Population-oriented Android malicious software detection model library method
A technology for detecting models and malicious software, which is applied to computer components, character and pattern recognition, instruments, etc., can solve the problems of different risks, and it is difficult to distinguish the relationship between normal permissions and privacy permissions, so that it is simple and convenient to use, Identify enhanced, easy-to-implement effects
Active Publication Date: 2020-07-24
WUHAN UNIV OF SCI & TECH
View PDF8 Cites 3 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
Various detection methods have laid the foundation for Android detection, but there are also some shortcomings: due to the diversity of Android applications, the use of privacy permissions is a typical uncertainty problem, and it is difficult to distinguish between normal permissions and privacy permissions. relationship between
Therefore, the same type of permission poses different risks to applications of different types of functions.
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0029] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the examples. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.
[0030] Such as figure 1 As shown, a population-oriented Android malware detection model library method includes the following steps:
[0031] 1) Collect application files, extract application permission usage and integrate it into a permission information matrix, and form application population information according to category tags; the population information includes the category labels corresponding to each application and the permissions of the application after permission preprocessing information matrix;
[0032] Crawl the application APK file from the Internet as a positive sample through the written python program, a...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a population-oriented Android malicious software detection model library method, which comprises the following steps of: 1) collecting an application file, extracting an application permission use condition, integrating the application permission use condition into a permission information matrix, and forming population information of an application according to a categorylabel; 2) training a classifier according to the extracted application permission set; 3) acquiring an authority information matrix of the to-be-detected application, determining the category of the to-be-detected application by using the classifier, and taking the population information of the to-be-detected application as the input of the model library; finding a recognizer pool corresponding tothe population in the model library, and detecting the application by using the recognizer which most conforms to the constraint condition according to the constraint condition to judge the maliciousness of the application. According to the method, the thought of the biological population is used for reference, the permission characteristics of the application are processed, the application is divided into different populations, the corresponding recognition algorithm model is found in the model base through constraint, and finally a better recognition result is obtained.
Description
technical field [0001] The present invention relates to malware detection technology, in particular to a population-oriented Android malware detection model library method. Background technique [0002] Maliciousness detection of Android applications is an uncertain problem. So far, malware detection methods can be divided into static detection, dynamic detection and combination of dynamic and static detection. However, with the rise of machine learning and data mining, more and more researchers choose to combine the previous dynamic and static detection methods with machine learning techniques. [0003] At present, the detectors applied to malicious detection of Android applications are mainly trained by machine learning methods such as support vector machines, random forests, and K-means. Various detection methods have laid the foundation for Android detection, but there are also some shortcomings: due to the diversity of Android applications, the use of privacy permissi...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06K9/62
CPCG06F21/56G06F2221/033G06F18/2411G06F18/214G06F18/24323G06F18/241Y02D10/00
Inventor 余东豪李涛余鑫张晏成颜松郑昊天常远贾志强乐金祥黄甫谢君臣
Owner WUHAN UNIV OF SCI & TECH