Android malicious software detection method and system based on multi-modal graph characteristics

A malware detection technology, applied in the field of malicious code analysis, that addresses the problems of missing information, incomplete capture of malicious behavior information, and the resulting impact on classification results, and achieves the effect of good processing.

Pending Publication Date: 2022-07-29
UNIV OF ELECTRONIC SCI & TECH OF CHINA

AI Technical Summary

Problems solved by technology

This method has the following disadvantages:
(1) Only a single kind of feature information, the API, is used, which is not very comprehensive in capturing malicious behavior information;
(2) The use of API feature information is mainly based on APIs to build APPs;
(3) The classification basis is mainly the similarity of the API calls used by the APP. If a sample has complex malicious behavior, it may affect the classification results of the sample itself or even of the surrounding samples.
[0006] (1) Only static feature information is used, which is not very comprehensive in capturing malicious behavior information;
[0007] (2) In the use of feature information, the relationship between APPs is mainly built on behavioral features, but the information in the features themselves is not well mined;

Examples

Embodiment

[0114] Step 1: Build a data set: collect 1600 benign Android samples and 1600 malicious samples, 3200 samples in total, and divide them into a training set, a validation set and a test set in the ratio 8:1:1, while ensuring that the ratio of benign samples to malicious samples in each set is 1:1;

[0115] Step 2: Process all samples in the dataset, including the following steps:

[0116] Step 2.1: Perform static analysis on the Android APK file, using static analysis tools to obtain its static characteristics: permission characteristics; API, class and interface characteristics; .SO file characteristics; and component characteristics;

[0117] Step 2.2: Perform dynamic analysis on the Android APK file, using a dynamic analysis sandbox to obtain its dynamic characteristics, namely the system call characteristics;

[0118] Step 2.3: Process the static features obtained in step 2.1 and the dynamic features obtained in step 2.2 as multi-dimensional features...
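The split described in Step 1, as an added example that is not part of the patent text: each class is split separately in the ratio 8:1:1, so every subset keeps the 1:1 benign-to-malicious ratio, and a check confirms that no sample lands in two subsets. The function names, the fixed seed and the sample identifiers are assumptions made for this illustration.

```python
import random
from collections import Counter

def stratified_split(samples, ratios=(8, 1, 1), seed=0):
    """Split (sample_id, label) pairs into train/val/test, class by class.

    Splitting each class on its own keeps the benign:malicious ratio of the
    full data set in every subset (1:1 for the 1600/1600 set of Step 1).
    """
    rng = random.Random(seed)              # fixed seed -> reproducible split
    by_label = {}
    for sample_id, label in samples:
        by_label.setdefault(label, []).append(sample_id)

    split = {"train": [], "val": [], "test": []}
    total = sum(ratios)
    for label in sorted(by_label):
        ids = sorted(by_label[label])      # sort so the result ignores input order
        rng.shuffle(ids)
        n = len(ids)
        n_val = n * ratios[1] // total
        n_test = n * ratios[2] // total
        n_train = n - n_val - n_test       # rounding remainder goes to training
        split["train"] += [(i, label) for i in ids[:n_train]]
        split["val"] += [(i, label) for i in ids[n_train:n_train + n_val]]
        split["test"] += [(i, label) for i in ids[n_train + n_val:]]
    return split

def check_split(split):
    """Return per-subset label counts; raise if a sample is in two subsets."""
    seen, counts = set(), {}
    for name, items in split.items():
        ids = {i for i, _ in items}
        if len(ids) != len(items) or ids & seen:
            raise ValueError(f"sample appears more than once (subset {name})")
        seen |= ids
        counts[name] = Counter(label for _, label in items)
    return counts

# Constructed identifiers standing in for APK hashes (not real samples).
SAMPLES = [(f"benign-{k:04d}", 0) for k in range(1600)] + \
          [(f"malware-{k:04d}", 1) for k in range(1600)]

if __name__ == "__main__":
    for name, c in check_split(stratified_split(SAMPLES)).items():
        print(name, dict(c))
```

Splitting before any feature extraction or graph construction keeps validation and test samples out of whatever is fitted on the training set.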


Abstract

The invention provides an Android malicious software detection method and system based on multi-modal graph characteristics. It mainly solves two problems of existing graph-based detection technology: malicious program characteristics are not comprehensively mined, and the mined characteristics are not fully utilized. The main scheme covers static features, dynamic features and the like. The features are analyzed and converted into graph structure features, so that the multi-modal graph features give a comprehensive characterization of application program behavior; the graph structure features of each dimension are vectorized using a graph embedding method; based on an attention mechanism, the graph structure feature vectors of all dimensions are input into a graph neural network for training and learning; and the trained detection model is used to detect and identify Android malicious software.

Description

Technical field

[0001] The invention belongs to the technical field of malicious code analysis, and provides an Android malware detection method and system based on multimodal graph features.

Background technique

[0002] With the continuous development of Internet technology and the continuous implementation of the smart city concept, the Android operating system has gradually become the most widely installed operating system in mobile terminal devices due to its advantages of open source and scalability. Therefore, the security of the Android system has become the key to the privacy and property security of the majority of users, and the Android software has also become the main target of hackers.

[0003] At present, in the research of Android malware detection and classification methods, graph neural network shows great potential and has become a recent research hotspot, because in the representation of features, the graph structure can greatly represent and express beha...


Application Information

IPC(8): G06F21/56, G06K9/62, G06N3/04, G06N3/08
CPC: G06F21/563, G06F21/566, G06N3/08, G06F2221/033, G06N3/045, G06F18/24, G06F18/214, Y02D10/00
Inventor: 牛伟纳, 巩嘉诚, 张小松, 刘星宇, 段治秦, 朱宇坤
Owner UNIV OF ELECTRONIC SCI & TECH OF CHINA