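Abstract
In response to the rapid growth of Android malware, this paper proposes an Android malware family classification method based on bytecode images. The bytecode of a malicious Android application is converted into a bytecode image in the form of a 256-level grayscale image, the GIST algorithm is used to extract the image's texture features, and the random forest algorithm is then used to classify the features. The method was validated experimentally on samples from 14 common Android malware families and compared with the DREBIN method. The experimental results show that the method classifies Android malware families effectively, with high detection precision and a low false positive rate.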
An Android malware family classification method based on bytecode images was proposed in response to the exponential growth of Android malware. A bytecode file of Android malware was converted to a 256-level grayscale image, and texture features were extracted from the image by GIST. The random forest algorithm was applied to classify the extracted features. The method was verified on experimental data from 14 common Android malware families and compared against DREBIN on the same dataset. The experimental results show that the proposed method has high detection precision and a low false positive rate.
Authors
YANG Yi-min (杨益敏)
CHEN Tie-ming (陈铁明)
College of Computer Science and Technology, Zhejiang University of Technology, Hangzhou 310023, China
Source
Chinese Journal of Network and Information Security (《网络与信息安全学报》)
2016, No. 6, pp. 38-43 (6 pages)
Funding
National Natural Science Foundation of China (No.U1509214)
Natural Science Foundation of Zhejiang Province (No.LY16F020035)