Android Malicious Detection Technology Based on Static Code Context Information Analysis
First published: 2019-01-03
Abstract: As malicious Android applications grow rapidly in number and cause loss and harm to users, techniques for detecting malicious applications are extremely important. This paper proposes a malicious-application detection technique based on static code context information analysis. Unlike previous coarse-grained studies, it comprehensively considers the context information of API calls during static code analysis, extracts at a finer granularity the callback function information of API calls and the other APIs associated with them, and combines these with the permissions declared by the application as joint features. Seven different supervised machine learning methods are used for experimental verification, with 5037 applications selected as the sample library. The results show that the proposed detection technique achieves 96.2% accuracy, which is better than previous coarse-grained detection techniques.
Keywords: data security and computer security; static code analysis; context information; machine learning