期刊文献+

基于人工免疫的移动恶意代码检测模型

Artificial Immune Based Mobile Malcode Detection Model
下载PDF
导出
摘要 移动互联网带来极大便捷,但同时也要面对恶意代码等诸多安全威胁.面对未知恶意代码的不断涌现,传统的检测手段已经暴露出局限性,如查杀速度下降、误报率和漏报率上升以及成本投入大幅上涨等.近些年提出了部分基于智能算法的恶意代码检测手段,其中人工免疫系统算法由于其具有自组织、自适应、记忆和分布式等优势,成为信息安全领域研究的热点.借鉴自然免疫系统的基本原理,提出了适用于安卓平台移动恶意代码检测的模型.利用安卓模拟器提取恶意代码的行为特征,如启动服务、打电话、发短信、文件读写操作和网络访问等。对行为特征进行编码作为未成熟检测器来源之一,未成熟检测器经过阴性选择生成成熟检测器,对抗原亲和度高的成熟检测器克隆和变异.实验结果表明,检测模型对于移动恶意代码具有较高的检测率,能够准确检测加壳后的恶意样本. The mobile Internet has brought great convenience to us, however, we have to face many threats such as malcode. In face of unknown malcode emerging in large numbers, traditional detection methods show many limitations, such as decline of detection speedy rise of false positive rate and false negative rate, the sharp increase of cost and so on. In recent years, some malcode detection methods based on intelligent algorithm are proposed. Among them? the artificial immune system has become the research hotpot of information security area because of its organization, adaption, memory and distributed advantages. According to the basic theory of nature immune system, a mobile malcode detection model for android platform was proposed. Extract the behavior features of malcode using the android emulator, such as starting service, telephoning, sending message,file read or write operations and accessing the Internet. The behavior features were encoded as one of the source of immature detectors. The immature detectors become mature through negative selection algorithm. Clone and mutate the mature detectors with higher affinity. Experiment results show that the proposed detection model has high detection rate and can also accurately detect the packed malcode samples.
出处 《信息安全研究》 2016年第3期238-243,共6页 Journal of Information Security Research
基金 中国人民公安大学2015年度中央高校基本科研业务费资金项目(2015JKF01438)
关键词 移动互联网 恶意代码 人工免疫系统 检测 阴性选择 克隆选择 mobile Internet malcode artificial immune system detection negative selection clonal selection
  • 相关文献

参考文献1

二级参考文献2

共引文献88

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部