Journal on Communications, 2017, Vol. 38, Issue (4): 8-16. doi: 10.11959/j.issn.1000-436x.2017073
Hong-yu YANG,Jin XU
Revised: 2017-02-21
Online: 2017-04-01
Published: 2017-07-20
Hong-yu YANG,Jin XU. Android malware detection based on improved random forest[J]. Journal on Communications, 2017, 38(4): 8-16.

Rank | Feature attribute | IG value |
1 | SYSTEM_ALERT_WINDOW | 0.477 |
2 | BROWSABLE | 0.424 |
3 | WRITE_SETTINGS | 0.380 |
4 | VIEW | 0.336 |
5 | GET_TASKS | 0.291 |
6 | DEFAULT | 0.281 |
7 | CAMERA | 0.272 |
8 | MOUNT_UNMOUNT_FILESYSTEMS | 0.251 |
9 | CHANGE_NETWORK_STATE | 0.239 |
10 | RECORD_AUDIO | 0.199 |
11 | WAKE_LOCK | 0.168 |
12 | VIBRATE | 0.131 |
13 | READ_EXTERNAL_STORAGE | 0.130 |
14 | CHANGE_WIFI_STATE | 0.119 |
15 | ACCESS_COARSE_LOCATION | 0.117 |
16 | WRITE_SMS | 0.117 |
17 | READ_LOGS | 0.107 |
18 | WRITE_EXTERNAL_STORAGE | 0.105 |
19 | ACCESS_WIFI_STATE | 0.102 |
20 | ACCESS_FINE_LOCATION | 0.092 |
21 | WRITE_APN_SETTINGS | 0.069 |
22 | ACCESS_NETWORK_STATE | 0.063 |
23 | READ_SMS | 0.062 |
24 | DISABLE_KEYGUARD | 0.055 |
25 | INSTALL_PACKAGES | 0.046 |
26 | SEND | 0.046 |
27 | CHINAMOBILE_OMS_GAME | 0.035 |
28 | CHINAMOBILE_GAMES | 0.035 |
29 | WRITE_CONTACTS | 0.034 |
30 | RECEIVE_BOOT_COMPLETED | 0.027 |
31 | SEND_MULTIPLE | 0.024 |
32 | LEANBACK_LAUNCHER | 0.020 |
33 | MULTIWINDOW_LAUNCHER | 0.013 |
34 | RECEIVE_SMS | 0.011 |
35 | CREATE_SHORTCUT | 0.009 |

Rank | Feature attribute | ReliefF value |
1 | WRITE_SMS | 0.309 |
2 | READ_SMS | 0.301 |
3 | MOUNT_UNMOUNT_FILESYSTEMS | 0.298 |
4 | CHANGE_WIFI_STATE | 0.292 |
5 | CALL_PHONE | 0.250 |
6 | SYSTEM_ALERT_WINDOW | 0.246 |
7 | WRITE_SETTINGS | 0.246 |
8 | GET_TASKS | 0.223 |
9 | SEND_SMS | 0.217 |
10 | BROWSABLE | 0.217 |
11 | RECEIVE_BOOT_COMPLETED | 0.214 |
12 | READ_LOGS | 0.214 |
13 | WRITE_APN_SETTINGS | 0.204 |
14 | DEFAULT | 0.197 |
15 | WRITE_CONTACTS | 0.183 |
16 | RECEIVE_SMS | 0.181 |
17 | DISABLE_KEYGUARD | 0.178 |
18 | VIEW | 0.166 |
19 | ACCESS_FINE_LOCATION | 0.163 |
20 | CAMERA | 0.163 |
21 | CHANGE_NETWORK_STATE | 0.159 |
22 | ACCESS_COARSE_LOCATION | 0.156 |
23 | READ_CONTACTS | 0.155 |
24 | INSTALL_PACKAGES | 0.154 |
25 | ACCESS_WIFI_STATE | 0.145 |
26 | READ_EXTERNAL_STORAGE | 0.139 |
27 | VIBRATE | 0.129 |
28 | WRITE_EXTERNAL_STORAGE | 0.129 |
29 | RESTART_PACKAGES | 0.124 |
30 | WAKE_LOCK | 0.099 |
31 | SET_WALLPAPER | 0.084 |
32 | ACCESS_NETWORK_STATE | 0.083 |
33 | RECORD_AUDIO | 0.054 |
34 | READ_PHONE_STATE | 0.039 |
35 | HOME | 0.024 |