
A hybrid feature-based detection method on Android malware (cited by: 4)
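Abstract: Malicious programs on the Android system are numerous and highly damaging, and research on corresponding detection methods is a current research hotspot. Existing methods extract only syntactic features or only semantic features, which makes it difficult to accurately characterize the attack intent of a malicious program. This paper proposes a detection method that extracts both syntactic and semantic features: the semantic features are the set of taint propagation paths based on class abstraction, combined with syntactic features such as permission declarations and Intent-Actions. After the features are normalized, the K-means algorithm is applied to train on the sample set and generate feature vectors for malware families, and Euclidean distance is used to measure the similarity between an unknown program and the feature vectors. A prototype system is implemented on FlowDroid, and analysis results on 400 real programs show that the method achieves relatively high precision.

Currently, Android malware detection is one of the hotspots in the security research field. Since Android is open source and very popular, the Android platform becomes a target of most malwares. Current approaches only extract syntax features or semantic features respectively, so that it is difficult for them to know the real intention of the malware exactly. We propose a hybrid feature extraction method, using the set of class-based taint propagation paths as semantic features, and permissions and Intent-Actions as syntax features. We normalize all the extracted features before clustering data sets by K-means, and then produce feature vectors of each malware family. Finally we adopt the Euclidean distance computation to measure the similarity between the unknown program and feature vectors. The prototype is implemented on top of FlowDroid to analyze 400 real programs, and the results demonstrate that the method has higher precision.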
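Authors: 徐林溪 (Xu Linxi), 郭帆 (Guo Fan)
Source: Computer Engineering & Science (《计算机工程与科学》), CSCD, Peking University Core Journal, 2017, No. 10, pp. 1837-1846 (10 pages)
Funding: Research on the formal definition and verification of taint analysis for Web programs (61562040)
Keywords: malware detection; semantic features; taint propagation; clustering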