
Multi Feature Detection of Malicious Programs Based on Android Platform

Cited by: 5
Abstract: Malicious programs today come in many varieties, and every detection technique generates a large amount of data at run time. In recent years researchers have begun using data mining to detect Android malware, but shortcomings remain: on the one hand, the classifier must process a large amount of data; on the other, a single algorithm cannot adequately detect different features. To address these limitations, this paper proposes a hybrid algorithm based on multiple classes of features. First, it combines dynamic and static techniques to collect a program's function-call and system-call features. Next, it processes the large volume of feature data with chi-square statistics, removing data that has little influence on classification. Then it builds different classifiers for the two classes of features. Finally, 1100 malicious programs from 49 families and 1000 benign programs are used for experimental detection. The results show that the method outperforms other related work in execution-time efficiency and detection rate.
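Source: Journal of Chinese Computer Systems (《小型微型计算机系统》), CSCD, PKU Core (北大核心), 2018, No. 1, pp. 151-155 (5 pages)
Funding: Supported by the Major Research Plan of the National Natural Science Foundation of China (91324201); supported by the Hubei Province Ordinary Highway Network Operation Monitoring and Emergency Response System project (20141h0288)
Keywords: dynamic analysis; static analysis; Android malicious program; data mining; chi square statistics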