摘要
Android智能手机的快速发展在给人们的日常生活带来便利的同时,Android恶意应用的数量也在日益增多,因此如何有效地对恶意应用进行检测就成为了近年来信息安全领域的热点问题。针对该问题,论文提出了一种基于应用分类和敏感权限的恶意应用检测方法。首先从谷歌商店按类别获取应用样本集,然后利用SMO算法形成分类模型。同时对这些应用样本集进行频繁模式挖掘得到每一类应用的敏感权限项集,并根据每一类应用敏感权限的使用情况,计算出该类应用的敏感阈值。当有应用安装时,利用分类模型给应用程序进行正确分类,并统计出该应用中敏感权限的使用情况,计算出该应用的敏感值,并与该类应用的敏感阈值进行比较,判断是否为恶意应用。实验结果表明了该方法是可行且有效的,提高了恶意应用检测准确率。
The rapid development of Android smartphones has brought convenience to people’s daily life,while the number of Android malicious applications is increasing,so how to detect malicious applications effectively has become a hot issue in the field of information security in recent years. Aiming at this problem,this paper proposes a malicious application detection method based on application classification and sensitive permission. First,the application sample set is obtained from the Google Store by category. Then,the classification model is formed by using the SMO algorithm. And the sensitive permission item set of each class of application is obtained by frequent pattern mining of these applied sample sets,and the sensitive threshold value of the application is calculated according to the use of sensitive permission in each class of application. When an application is installed,the classification model is used to classify the application correctly,and the sensitivity of the application is calculated,the sensitivity value of the application is computed,and the sensitivity threshold value is compared to determine whether it is a malicious application. The experimental results show that the method is feasible and effective,and the accuracy of the detection of malicious applications is improved.
作者
刘倩
韩斌
LIU Qian;HAN Bin(School of Computer Science,Jiangsu University of Science and Technology,Zhenjiang 212000)
出处
《计算机与数字工程》
2019年第6期1446-1451,1481,共7页
Computer & Digital Engineering
关键词
Android智能手机
应用分类
敏感权限
恶意应用检测
Android smartphone
application classification
sensitive permissions
malicious application detection
