摘要
针对随机森林(RF,random forest)算法的投票原则无法区分强分类器与弱分类器差异的缺陷,提出一种加权投票改进方法,在此基础上,提出一种检测Android恶意软件的改进随机森林分类模型(IRFCM,improved random forest classification model)。IRFCM选取Android Manifest.xml文件中的Permission信息和Intent信息作为特征属性并进行优化选择,然后应用该模型对最终生成的特征向量进行检测分类。Weka环境下的实验结果表明IRFCM具有较好的分类精度和分类效率。
Aiming at the defect of vote principle in random forest algorithm which is incapable of distinguishing the dif- ferences between strong classifier and weak classifier, a weighted voting improved method was proposed, and an improved random forest classification (IRFCM) was proposed to detect Android malware on the basis of this method. The IRFCM chose Permission information and Intent information as attribute features from AndroidManifest.xml files and optimized them, then applied the model to classify the final feature vectors. The experimental results in Weka environment show that IRFCM has better classification accuracy and classification efficiency.
作者
杨宏宇
徐晋
YANG Hong-yu XU Jin(School of Computer Science and Technology, Civil Aviation University of China, Tianjin 300300, Chin)
出处
《通信学报》
EI
CSCD
北大核心
2017年第4期8-16,共9页
Journal on Communications
基金
国家科技重大专项基金资助项目(No.2012ZX03002002)
中国民航科技基金资助项目(No.MHRD201009
No.MHRD201205)~~
关键词
随机森林
加权投票
恶意软件
分类检测
random forest, weighted vote, malware, classification detection
