Abstract
This paper proposes a method for classifying Android malware into families based on sensitive permissions and sensitive APIs. Sensitive permissions and sensitive APIs are extracted, the two feature sets are fused to build a feature database, and a random forest algorithm is then used to classify malware families. Experimental results show that the detection accuracy of the method reaches 98.4%, significantly better than the other baseline algorithms, and that the method reflects both the similarity and the homology of malware.
Authors
YU Yuaner (于媛尔)
ZHANG Linlin (张琳琳)
ZHAO Kai (赵楷)
FANG Wenbo (方文波)
HU Yingjie (胡英杰)
SONG Xin (宋鑫)
WANG Chenyue (王晨跃)
Affiliations: College of Information Science and Engineering, Xinjiang University, Urumqi 830046, China; School of Cyber Science and Engineering, Xinjiang University, Urumqi 830046, China; College of Software, Xinjiang University, Urumqi 830091, China
Source
Journal of Zhengzhou University: Natural Science Edition (《郑州大学学报(理学版)》)
CAS
PKU Core (北大核心)
2020, Issue 3, pp. 75-79, 91 (6 pages)
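Funding
National Natural Science Foundation of China, Regional Science Fund Project (61867006)
Xinjiang Uygur Autonomous Region Department of Science and Technology, Special Project for Innovation Environment Construction (PT1811)
Xinjiang Uygur Autonomous Region Special Project for Innovation Environment Construction (Natural Science Foundation), Joint Fund Project (2019D01C062)
Scientific Research Program of Higher Education Institutions of the Xinjiang Uygur Autonomous Region (XJEDU2017M005).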