摘要
提出一种新的基于APK签名信息反馈的Android恶意应用检测方法(SigFeedback)。该方法在SVM分类算法的基础上采用启发式规则学习的方式对特征值进行提取,并对检测集中的APK签名信息进行验证筛选,实现了启发式反馈,达到更加准确地检测恶意应用的目的。SigFeedback检测算法具有检测率高、误报率低的特点。最后通过实验显示SigFeedback算法具有较高的效率,且能使误报率从13%降低到3%。
A new malware detection method based on APK signature of information feedback (SigFeedback) was pro- posed. Based on SVM classification algorithm, the method of eigenvalue extraction adoped heuristic rule learning to sig APK information verify screening, and it also implemented the heuristic feedback, from which achieved the purpose of more accurate detection of malicious software. SigFeedback detection algorithm enjoyed the advantage of the high detec- tion rate and low false positive rate. Finally the experiment show that the SigFeedback algorithm has high efficiency, making the rate of false positive from 13% down to 3%.
出处
《通信学报》
EI
CSCD
北大核心
2017年第5期190-198,共9页
Journal on Communications
基金
国家自然科学基金资助项目(No.61133014
No.61272413
No.61373158
No.61472165)
广东省应用型科技研发专项基金资助项目(No.2016B010124009)~~
关键词
误报率
恶意应用
启发式学习
有效性
检测率
false positive rate, malicious application, heuristic learning, effectiveness, detection rate
