Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Android malicious code detection method based on deep learning

A technology of malicious code detection and deep learning, applied in the direction of neural learning methods, computer security devices, instruments, etc., can solve the problems of lower detection efficiency, high time consumption, and inefficiency

Pending Publication Date: 2021-01-05
HARBIN ENG UNIV
View PDF4 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Compared with the first method, the detection method using the statistical characteristics of application instruction frequency solves the problem of applications with the same function. However, the problem with this method is that benign applications and malicious applications may have some overlapping functions. The difference in the statistical characteristics of instruction frequency is too small, and it is not efficient to use this indicator as a detection standard
However, the method based on application behavior in the dynamic detection method is difficult to meet the needs of individual sample detection while satisfying familial detection.
Dynamic detection needs to manually run the application program and analyze it, which increases the time and labor consumption of the operation process and reduces the detection efficiency; the same problem also occurs in the stain analysis method and the API call monitoring method. These methods have placed high demands on inspectors.
This makes these detection methods inefficient and time-consuming, and the gains outweigh the losses

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Android malicious code detection method based on deep learning
  • Android malicious code detection method based on deep learning
  • Android malicious code detection method based on deep learning

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0041] 1. The process of Android application visualization is the process of generating feature images corresponding to application binary files. Using the B2M algorithm, firstly, the program binary file corresponds to an unsigned integer vector, and then each 8bit corresponds to an unsigned integer data. According to the size of the source program file, save the unit8 vector in matrix form. In this way, a matrix with a value range of [0, 255] is obtained. This matrix generates a pixel matrix according to the value corresponding to the pixel value, and finally saves the pixel matrix as a grayscale image. In the pixel mapping process, 0 and 255 correspond to black and white, respectively. The size of the generated pixel matrix is ​​related to the size of the source program file. The length and width values ​​can be set in advance, or can be obtained adaptively according to the file size. After pixel matrix correspondence, a grayscale image is obtained. This time the image as...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention belongs to the technical field of network information security, and particularly relates to an Android malicious code detection method based on deep learning. According to the method, anAPK file is directly decompressed, part of binary files are visualized, color channels are added to the grey-scale map, pixel normalization is carried out, and the pixel normalization RGB map which is larger in picture information amount and beneficial to training in the model is constructed.And finally, designing and realizing a convolutional neural network classification detection model, and performing classification training on the malicious code image subjected to operation processing by the method so as to achieve the purpose of detecting the malicious code.Aiming at the problems of single method for extracting image features, unobvious image features and poor detection effect in the existing Android malicious code visualization technology, the RGB image of the malicious code is generated, and learning classification is performed after pixel normalization, so that more accurate malicious code detection is realized.

Description

technical field [0001] The invention belongs to the technical field of network information security, and in particular relates to a deep learning-based Android malicious code detection method. Background technique [0002] Due to its openness and compatibility, the Android operating system is widely used in commercial, civilian and even military equipment. The secondary development based on the Android system has also achieved great development in the fields of artificial intelligence, aerospace, and weapon systems. However, in recent years, problems such as security loopholes, system crashes, and malicious attacks aimed at the Android system have become increasingly serious, constantly attracting the attention of device manufacturers and users. Due to the openness of the Android system itself, various vulnerabilities spread faster and cause more extensive damage. Therefore, the detection of malicious code has become the focus of the industry and research institutes. [00...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06K9/62G06N3/08
CPCG06F21/562G06N3/08G06F2221/033G06F18/241
Inventor 郎大鹏陈宇梁甜甜武文达赵国冬刘翔宇
Owner HARBIN ENG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com