Chinese Journal of Network and Information Security, 2020, Vol. 6, Issue (5): 67-79. doi: 10.11959/j.issn.2096-109x.2020060
• Papers •
Fan CHAO¹, Zhi YANG¹, Xuehui DU¹, Yan SUN²
Revised: 2020-02-03
Online: 2020-10-15
Published: 2020-10-19
Fan CHAO, Zhi YANG, Xuehui DU, Yan SUN. Android malware detection method based on deep neural network[J]. Chinese Journal of Network and Information Security, 2020, 6(5): 67-79.
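Feature category | Feature format |
Application components | Proportion of Activity components among all components in the application |
Application components | Activity component names (without prefix, including Intent Filter information) |
Application components | Proportion of Service components among all components in the application |
Application components | Service component names (without prefix, including Intent Filter information) |
Application components | Proportion of Broadcast Receiver components among all components in the application |
Application components | Broadcast Receiver component names (without prefix, including Intent Filter information) |
Application components | Proportion of Content Provider components among all components in the application |
Application components | Content Provider component names (without prefix) |
Intent Filter | action attributes declared in Activity components (system-defined, custom) |
Intent Filter | category attributes declared in Activity components (system-defined, custom) |
Intent Filter | action attributes declared in Service components (system-defined, custom) |
Intent Filter | category attributes declared in Service components (system-defined, custom) |
Intent Filter | action attributes declared in Broadcast Receiver components (system-defined, custom) |
Intent Filter | category attributes declared in Broadcast Receiver components (system-defined, custom) |
Permissions | Permissions that are requested and used through APIs, with their API use points |
Permissions | Permissions that are requested but not used through APIs (system-defined, custom) |
Permissions | Permissions that are not requested but used through APIs, with their API use points |
Data flow | Source-sink pairs output by FlowDroid (in method-signature form) |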