网络与信息安全学报 ›› 2020, Vol. 6 ›› Issue (5): 67-79.doi: 10.11959/j.issn.2096-109x.2020060

• 学术论文 • 上一篇    下一篇

基于深度神经网络的Android恶意软件检测方法

超凡1,杨智1(),杜学绘1,孙彦2   

  1. 1 信息工程大学密码工程学院,河南 郑州 450001
    2 中国电子技术标准化研究院,北京 100007
  • 修回日期:2020-02-03 出版日期:2020-10-15 发布日期:2020-10-19
  • 作者简介:超凡(1995- ),女,江苏启东人,信息工程大学硕士生,主要研究方向为信息安全、代码信息流分析|杨智(1975- ),男,河南开封人,博士,信息工程大学副教授,主要研究方向为操作系统安全、云计算安全|杜学绘(1968- ),女,河南新乡人,博士,信息工程大学教授、博士生导师,主要研究方向为空间信息网络、云计算安全|孙彦(1986- ),男,江苏南京人,博士,中国电子技术标准化研究院工程师,主要研究方向为数据安全、信息安全国际标准化、网络产品和服务安全
  • 基金资助:
    国家重点研发计划(2018YFB0803603);国家自然科学基金(61972040);国家自然科学基金(61802436)

Android malware detection method based on deep neural network

Fan CHAO1,Zhi YANG1(),Xuehui DU1,Yan SUN2   

  1. 1 College of Cryptogram Engineering,Information Engineering University,Zhengzhou 450001,China
    2 China Electronics Standardization Institute,Beijing 100007,China
  • Revised:2020-02-03 Online:2020-10-15 Published:2020-10-19
  • Supported by:
    The National Key R&D Program of China(2018YFB0803603);The National Natural Science Foundation of China(61972040);The National Natural Science Foundation of China(61802436)

摘要:

Android 系统正日益面临着恶意软件的攻击威胁。针对支持向量机等传统机器学习方法难以有效进行大样本多分类的恶意软件检测,提出一种基于深度神经网络的Android恶意软件检测与家族分类方法。该方法在全面提取应用组件、Intent Filter、权限、数据流等特征基础上,进行有效的特征选择以降低维度,基于深度神经网络进行面向恶意软件的大样本多分类检测。实验结果表明,该方法能够进行有效检测和分类,良性、恶意二分类精度为 97.73%,家族多分类精度可达到 93.54%,比其他机器学习算法有更好的分类效果。

关键词: 安卓, 恶意软件检测, 静态分析, 特征选择, 深度神经网络

Abstract:

Android is increasingly facing the threat of malware attacks.It is difficult to effectively detect large-sample and multi-class malware for traditional machine learning methods such as support vector machine,method for Android malware detection and family classification based on deep neural network was proposed.Based on the comprehensive extraction of application components,Intent Filter,permissions,and data flow,the method performed an effective feature selection to reduce dimensions,and conducted a large-sample detection and multi-class classification for malware based on deep neural network.The experimental results show that the method can conduct an effective detection and classification.The accuracy of binary classification between benign and malicious Apps is 97.73%,and the accuracy of family multi-class classification can reach 93.54%,which is higher than other machine learning algorithms.

Key words: Android, malware detection, static analysis, feature selection, deep neural network

中图分类号: 

No Suggested Reading articles found!