
Android malware detection method based on system calls (cited by: 2)
Abstract: To address the low accuracy of static malware detection methods, this paper takes the system calls generated by Android applications at runtime as its object of study and proposes a dynamic malware detection method. The system call sequences obtained through event simulation of Android mobile applications in a sandbox environment are characterized, and two feature representation methods are designed: one based on system call frequency and one based on the system call dependency graph. An ensemble learning method is used to build a classifier that distinguishes malicious applications from benign ones. The method is validated experimentally on 3 000 samples from third-party application markets. The results show that the feature representation based on the system call dependency graph outperforms the one based on system call frequency, and that the ensemble classifier achieves good detection accuracy, reaching 95.84%.
Source: Journal of Nanjing University of Science and Technology (EI, CAS, CSCD, Peking University Core), 2017, No. 6, pp. 720-724, 729 (6 pages)
Funding: Science and Technology Project of State Grid Jiangsu Electric Power Company (J2016022)
Keywords: Android; malware detection; static detection; dynamic detection; characterization; system call frequency; system call dependency graph
