Zhang Zongmei, Gui Shenglin, Ren Fei. Android Malware Detection Based on N-gram [J]. Computer Science, 2019, 46(2): 145-151
Android Malware Detection Based on N-gram
Submitted: 2018-01-18  Revised: 2018-03-24
Keywords: Android application, Malware detection, N-gram, Deep belief network, Static detection
Funding: This work was supported by the National Natural Science Foundation of China (61401067)
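Authors (name; affiliation; e-mail):
Zhang Zongmei; School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu 611731; zach_41@163.com
Gui Shenglin; School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu 611731, and the 30th Research Institute of China Electronics Technology Group Corporation, Chengdu 610041; shenglin_gui@uestc.edu.cn
Ren Fei; the 30th Research Institute of China Electronics Technology Group Corporation, Chengdu 610041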
Abstract:
      With the widespread use of the Android operating system, malicious applications keep emerging on the Android platform, and the means by which they evade existing detection tools are becoming increasingly complicated, so more effective detection techniques are urgently needed to analyze malicious behavior. This paper proposes and designs a static malware detection model based on N-gram. The model decompiles Android APK files through reverse engineering and uses N-gram to extract features from the bytecode, which avoids the dependence on expert knowledge found in traditional detection. The model also uses a deep belief network, which lets it train quickly and accurately. Tests on 1267 malicious samples and 1200 benign samples show that the model's overall detection accuracy reaches up to 98.34%. The experiments further compare the model's detection results with those of other algorithms and with the detection results of related work; the results show that the model has better accuracy and robustness.
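An added illustration (not the paper's code) of the feature-extraction step the abstract describes: opcode N-grams counted per method from disassembled smali text, then mapped to binary presence vectors. The smali input format, N = 3, the folding of opcode variants, the document-frequency vocabulary and all sample fragments are assumptions made here; the abstract does not specify them.

```python
import re
from collections import Counter
DATA_BLOCKS = (".annotation", ".packed-switch", ".sparse-switch", ".array-data")
METHOD_RE = re.compile(r"^\s*\.method[^\n]*\n(.*?)^\s*\.end method", re.S | re.M)

def method_opcodes(smali_text):
    """One opcode list per method body; directives, labels and data blocks are skipped."""
    methods = []
    for body in METHOD_RE.findall(smali_text):
        ops, in_data = [], False
        for line in map(str.strip, body.splitlines()):
            if line.startswith(DATA_BLOCKS) or line.startswith(".end"):
                in_data = not line.startswith(".end")
            elif line and not in_data and line[0] not in ".#:":
                # Assumption: fold format variants (invoke-static/range -> invoke-static).
                ops.append(line.split()[0].split("/")[0])
        methods.append(ops)
    return methods

def opcode_ngrams(smali_text, n=3):
    """Count opcode N-grams; a window never crosses a method boundary."""
    return Counter(tuple(ops[i:i + n]) for ops in method_opcodes(smali_text)
                   for i in range(len(ops) - n + 1))

def build_vocabulary(per_app_counts, top_k=1000):
    """Keep the top_k N-grams by number of apps containing them (ties in lexical order)."""
    df = Counter(g for counts in per_app_counts for g in counts)
    return [g for g, _ in sorted(df.items(), key=lambda kv: (-kv[1], kv[0]))[:top_k]]

def to_feature_vector(counts, vocabulary):
    return [1 if g in counts else 0 for g in vocabulary]  # binary presence row
# Constructed smali fragments standing in for two disassembled apps.
APP_A = """.method public a()V
    const-string v0, "x"
    invoke-static {v0}, La/A;->f(Ljava/lang/String;)Ljava/lang/String;
    move-result-object v1
    invoke-virtual/range {v0 .. v1}, La/A;->g(Ljava/lang/String;Ljava/lang/String;)V
    return-void
.end method"""
APP_B = """.method public b(II)I
    add-int/2addr p1, p2
    return p1
.end method
.method public c()V
    const-string v0, "y"
    invoke-static {v0}, La/B;->f(Ljava/lang/String;)Ljava/lang/String;
    move-result-object v0
    return-void
.end method"""
```

Counting windows per method keeps the tail of one method from pairing with the head of the next, which would otherwise add N-grams that correspond to no real execution path.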