摘要
针对Android恶意代码泛滥问题。文中提取出Android的权限特征,采用随机森林算法对应用特征进行匹配训练,从原始训练集中,有放回地抽取一定数量的样本,作为根节点并开始不断进行训练。直到所有节点都被遍历或训练结束,从而实现特征叶子节点与案例库中的特征匹配。实验分析结果表明,从选择的算法效果来看,准备率实验结果表明,在权限特征维度上,随机森林算法的表现都比普通常规算法好;从误报率上来看,随机森林算法的效果同样较普通算法要好。但是,随机森林算法在60维之前的漏报率表现略显不足。所以,为了构建权限特征的检测模块,最终选择随机森林算法和后60维的权限特征。
Android malicious code for the problem. This paper first extracts the authority features of Android,then uses the Random Forests Algorithm( RF) to match the application characteristics. From the original training set,there is a certain number of samples,as the root node and starting to train continuously Until all nodes are traversed,or the training is completed,so that the characteristic leaf node matches the feature in the case library. The results of the experimental results show that the experimental results show that the performance of the random forest algorithm is better than that of the conventional conventional algorithm in terms of the effect of the selected algorithm.From the point of view of the false positive rate,the effect of the random forest algorithm is the same Better than normal algorithms. However,the random forest algorithm in the 60-dimensional false negative rate before the performance of slightly less than. So,in order to build the detection module of the privilege feature,finally chose the random forest algorithm and the posterior 60-dimensional permission feature.
作者
刘贺翔
李英娜
张长胜
任小波
李川
LIU Hexiang;LI Yingna;ZHANG Changsheng;REN Xiaobo;LI Chuan(School of Information Engineering and Automation,Kunming University of Science and Technology,Kunming 650500,China)
出处
《电子科技》
2018年第5期28-32,共5页
Electronic Science and Technology
基金
国家自然科学基金(KKGD201503106)
云南电网有限责任公司电力科学研究院项目(2015-000303JL00018)
