基于双重遍历的Android恶意应用检测方法
首发时间:2016-11-29
摘要: 在Android恶意代码动态检测的过程中,行为触发技术是影响检测结果的一项关键技术。为了有效的对Android恶意代码进行动态检测,本文提出了一种基于双重遍历的Android恶意代码检测方法。该方法设计了双重遍历行为触发器-TraversalTrigger来提高恶意代码的函数覆盖率和恶意行为触发率。同时结合HOOK技术对应用程序行为进行监控分析。实验结果表明,该方法可有效提高恶意代码检测率。
For information in English, please click here
Android Malware Detection Method Based on Double Traversal
Abstract:In the process of Android malware dynamic detection, the behavior trigger technique is one of the key techniques to influence the test results. In order to effectively detect the Android malware, this paper proposed an Android malware behavior detection method based on double traversal. This method designed a trigger based on double traversal named TraversalTrigger,which improves the Android application code coverage and the trigger rate of the malicious behavior. combining with HOOK technology and SVM algorithm to monitor the behavior of the application.Experimental results show that the method can effectively improve the detection rate of malicious Android applications.
Keywords: android Malicious behavior Dynamic detection behavior trigger
论文图表:
引用
No.4706212116639814****
同行评议
共计0人参与
勘误表
基于双重遍历的Android恶意应用检测方法
评论
全部评论0/1000