摘要
Android破解应用存在侵犯合法软件权益和传播恶意代码的风险。为有效检测Android平台上的支付破解应用,提出一种基于机器学习的检测方法。针对反汇编的字节码文件构建了支付语义信息调用控制流和支付数据库操作函数集,通过n-gram和重复代码子块长度统计方法构造相应特征集,最后构建带决策机制的多分类器检测模型以识别Android应用中不同的支付破解行为。实验结果表明,所提检测方法的模型检测精确率为85.24%,AUC值为0.87,与同类方法相比,对支付破解类应用的检测率有显著提高,有效解决了支付破解应用的检测问题。
Android cracked applications have the risks of infringing on legitimate software rights and spreading malicious code.To detect the payment cracked applications on Android platform,we propose a detection method based on machine learning.Based on the disassembled bytecode file,the call control flow of payment semantic information and the payment database operation function set are constructed.We use a n-gram statistical method and a repeated code sub-block length statistical method to construct the corresponding feature set,and build a multi-classifier detection model with a decision-making mechanism to identify different payment cracked behaviors in Android applications.The experimental results show that the detection accuracy rate of this model is 85.24%,and the area under curve(AUC)value is0.87.Compared with the baseline methods,the detection rate of payment cracked applications is significantly improved,which effectively solves the detection problem of payment cracked applications.
作者
汤永利
李星宇
赵宗渠
李运峰
TANG Yong-li;LI Xing-yu;ZHAO Zong-qu;LI Yun-feng(School of Computer Science and Technology,Henan Polytechnic University,Jiaozuo 454003,China)
出处
《北京邮电大学学报》
EI
CAS
CSCD
北大核心
2021年第4期95-101,共7页
Journal of Beijing University of Posts and Telecommunications
基金
国家自然科学基金项目(61802117)
河南省高校科技创新团队项目(20IRTSTHN013)
河南理工大学创新型科研团队项目(T2018-1)。
