Conceptual drift-oriented interpretable Android malicious software detection method

A malware and concept drift technology, applied in the field of information security, can solve problems such as poor performance of machine learning models in Android malware detection, and achieve the goal of ensuring interpretability and verifiability, high contribution, and good representation of malware Effect

Active Publication Date: 2022-01-07
YANSHAN UNIV
View PDF5 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] 3. The high-frequency update of the Android system version leads to a certain market share of the Android applications developed based on the software development kits of each version
However, due to the phenomenon of concept drift, the machine learning model trained at the cost of a large number of samples performs poorly in the detection of Android malware in different periods

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Conceptual drift-oriented interpretable Android malicious software detection method
  • Conceptual drift-oriented interpretable Android malicious software detection method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0046] Below in conjunction with accompanying drawing and embodiment the present invention is described in further detail:

[0047] Such as figure 1 As shown, an interpretable Android malware detection method oriented to concept drift, which specifically includes the following steps:

[0048]Step 1: Collect a sufficient amount of artificial Android malicious application software analysis reports to form a sample library of Android malicious application software artificial analysis reports.

[0049] In this embodiment, Android malicious software analysis reports are sampled from the Kharon dataset to form a sample library of Android malicious application software manual analysis reports. The language of the Android malicious application software analysis reports is English, and the total number of words is 4957.

[0050] Step 2: Collect a sufficient amount of malicious and benign Android application software samples to form an initial Android application software sample librar...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a concept drift-oriented interpretable Android malicious software detection method, and belongs to the technical field of information security. The method comprises the following steps: introducing detection features through an artificial Android malicious software analysis report, improving a traditional feature package based on an automatic machine learning algorithm and an interpretable algorithm, and fusing an identically distributed inspection and transfer learning algorithm. According to the method, the interpretability of the Android malicious software detection model is improved, manual verification of the detection model by reverse analysts is facilitated, the influence of the concept drift problem on the accuracy of the detection model is reduced, low-cost long-time maintenance of high accuracy of the detection model is facilitated, and the method is used for detection and analysis of Android malicious application software.

Description

technical field [0001] The invention relates to the technical field of information security, in particular to an interpretable Android malware detection method oriented to concept drift. Background technique [0002] In the first quarter of 2021, 360 Internet Security Center intercepted about 2.065 million new samples of malicious programs on mobile terminals, an increase of 426.5% over the same period in 2020, causing per capita economic losses of 14,611 yuan. As of April 2021, compared with the iOS operating system, the Android operating system occupies 76.91% of the Chinese mobile terminal market, and the application software ecosystem of the Android open platform makes it more vulnerable to malware threats. [0003] The existing Android malware detection technology is divided into three categories: signature-based detection technology, machine learning-based static detection technology, and machine learning-based application behavior detection technology. The sandbox me...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06K9/62G06N20/20
CPCG06F21/563G06N20/20G06F2221/031G06F18/214Y02D10/00
Inventor 张炳文峥高原赵旭阳任家东
Owner YANSHAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap