基于多层SimHash的Android恶意应用程序检测方法

doi:10.11959/j.issn.1000-436x.2017271

Abstract

Abstract:

A new similarity detection scheme based on hierarchical SimHash algorithm was proposed.The scheme extractd contents from different aspects to represent the APK file,then used the improved SimHash to respectively represent the file.The scheme analyzed the APK file by extracting the AndroidManifest.xml file in it,the sum of the Smali code from the decompilation of dex file,instructions extracted in Smali files,Java code set,and instructions extracted in Java code files.Through the study of Voted Perceptron voting algorithm,the scheme used trust weight method,by valuating a trust weight in every layer,then combined all the result with weight in every layer as a resule of scheme,the result can be more reasonable and more convincing.

Key words: Android, malware detection, SimHash, Voted Perceptron

CLC Number:

TP393

Bo CHEN,Yong-tao PAN,Tie-ming CHEN. Android malware detection method based on SimHash[J]. Journal on Communications, 2017, 38(Z2): 30-36.

Figures/Tables 8

References 10

[1]	YAN Q , LI Y , LI T ,et al. Insights into malware detection and prevention on mobile phones[C]// Security Technology - International Conference,Sectech 2009,Held As. DBLP, 2009: 242-249.
[2]	CHANDRAMOHAN M , TAN H B K . Detection of mobile malware in the wild[J]. Computer, 2012,45(9): 65-71.
[3]	SOOD S . Probabilistic SimHash Matching[J]. 2011.
[4]	UDDIN M S , ROY C K , SCHNEIDER K A ,et al. On the effectiveness of SimHash for detecting near-miss clones in large scale software systems[C]// Working Conference on Reverse Engineering. IEEE, 2011: 13-22.
[5]	余意, 张玉柱, 胡自健 . 基于SimHash算法的大规模文档去重技术研究[J]. 信息通信, 2015(2): 28-29.
[6]	BUYRUKBILEN S , BAKIRAS S . Secure similar document detection with SimHash[M]// Secure Data Management. 2014: 61-75.
[7]	MANKU G S , JAIN A , SARMA A D . Detecting near-duplicates for web crawling[C]// International Conference on World Wide Web. ACM, 2007: 141-150.
[8]	周龙泉, 卫文学 . 基于主成分分析与 SimHash 的入侵检测方法[J]. 计算机与数字工程, 2015(7): 1291-1294.
	ZHOU L Q , WEI W X . Intrusion detectin method based on principal component analysis and SimHash[J]. Computer and Digital Engineering, 2015(7): 1291-1294.
[9]	FREUND Y , SCHAPIRE R E . large margin classification using the perceptron algorithm[J]. Machine Learning, 1999,37(3): 277-296.
[10]	UDDIN M S , ROY C K , SCHNEIDER K A ,et al. On the effectiveness of SimHash for detecting near-miss clones in large scale software systems[C]// Working Conference on Reverse Engineering. IEEE, 2011: 13-22.

Metrics

Recommended 0

No Suggested Reading articles found!

[1]	Yubo SONG, Qi CHEN, Rui SONG, Aiqun HU. Android application privacy protection mechanism based on virtual machine bytecode injection [J]. Journal on Communications, 2021, 42(6): 171-181.
[2]	Jiawei QIN, Hua ZHANG, Hanbing YAN, Nengqiang HE, Tengfei TU. Research on context-aware Android application vulnerability detection [J]. Journal on Communications, 2021, 42(11): 13-27.
[3]	Zhu WANG,Kun HE,Xinyu WANG,Ben NIU,Fenghua LI. Traffic characteristic based privacy leakage assessment scheme for Android device [J]. Journal on Communications, 2020, 41(2): 155-164.
[4]	Lei ZHANG,Peng ZHANG,Wei SUN,Xingdong YANG,Lichao XING. IMM4HT:an identification method of malicious mirror website for high-speed network traffic [J]. Journal on Communications, 2019, 40(7): 87-94.
[5]	Xinyu WANG,Ben NIU,Fenghua LI,Kun HE. Risk assessing and privacy-preserving scheme for privacy leakage in APP [J]. Journal on Communications, 2019, 40(5): 13-23.
[6]	Hongyu YANG,Zaiming WANG. Android collusion attack detection model [J]. Journal on Communications, 2018, 39(6): 27-36.
[7]	Yan LIU,Yong-ping ZHANG,Cheng ZHU,Jun GAO,Qi-ming LIU. Intelligent forecasting and monitoring of air index based on big data and internet of things [J]. Journal on Communications, 2017, 38(Z2): 129-138.
[8]	Song-jie WEI,Gao-xiang WU,Na LUO,Zhao-wei SHI,Zi-yang ZHOU. DroidBet:event-driven automatic detection of network behaviors for Android applications [J]. Journal on Communications, 2017, 38(5): 84-95.
[9]	Hai-yan KANG,Han YAN,Hao-ran HUANG,Xuan1 SUN. Wi-Fi security evaluation model based on BP neural network [J]. Journal on Communications, 2016, 37(Z1): 50-56.
[10]	Yan-ping XU,Zhao-feng MA,Zhong-hua WANG,Xin-xin NIU,Yi-xian YANG. Survey of security for Android smart terminal [J]. Journal on Communications, 2016, 37(6): 169-184.
[11]	. Android malware detection method based onpermission sequential pattern mining algorithm [J]. Journal on Communications, 2013, 34(Z1): 14-115.
[12]	Huan YANG,Yu-qing ZHANG,Yu-pu HU,Qi-xu LIU. Android malware detection method based on permission sequential pattern mining algorithm [J]. Journal on Communications, 2013, 34(Z1): 106-115.
[13]	Wen FU,Bo WEI,Rong-cai ZHAO,Jian-min PANG. Fuzzy reasoning model for analysis of program maliciousness [J]. Journal on Communications, 2010, 31(1): 44-50.

Android malware detection method based on SimHash

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 8

References 10

Related Articles 13

Metrics

Recommended 0