摘要
To solve the problem that using a single feature cannot play the role of multiple features of Android application in malicious code detection, an Android malicious code detection mechanism is proposed based on integrated learning on the basis of dynamic and static detection. Considering three types of Android behavior characteristics, a three-layer hybrid algorithm was proposed. And it combined the malicious code detection based on digital signature to improve the detection efficiency. The digital signature of the known malicious code was extracted to form a malicious sample library. The authority that can reflect Android malicious behavior, API call and the running system call features were also extracted. An expandable hybrid discriminant algorithm was designed for the above three types of features. The algorithm was tested with machine learning method by constructing the optimal classifier suitable for the above features. Finally, the Android malicious code detection system was designed and implemented based on the multi-layer hybrid algorithm. The experimental results show that the system performs Android malicious code detection based on the combination of signature and dynamic and static features. Compared with other related work, the system has better performance in execution efficiency and detection rate.
出处
《国际计算机前沿大会会议论文集》
2019年第1期215-216,共2页
International Conference of Pioneering Computer Scientists, Engineers and Educators(ICPCSEE)