Journal of Jilin University (Engineering and Technology Edition) ›› 2018, Vol. 48 ›› Issue (2): 564-570. doi: 10.13229/j.cnki.jdxbgxb20161422

An Android malware static detection model

YANG Hong-yu, XU Jin   

  1. School of Computer Science and Technology, Civil Aviation University of China, Tianjin 300300, China
  • Received: 2016-12-30 Online: 2018-03-01 Published: 2018-03-01

Abstract: To address the spread of Android malware, this paper proposes an Android malware static detection model. First, the attribute values of three label items in the AndroidManifest.xml file are selected as feature attributes. Second, the Information Gain (IG) algorithm is used to optimize the feature attributes, and a corresponding feature vector set is generated from the optimization results. Finally, four machine learning classification algorithms in the Waikato Environment for Knowledge Analysis (WEKA) are used to detect and classify the feature vector set. Experimental results demonstrate that the proposed static detection method has better detection and classification performance.

Key words: computer application, Android, malware, static detection, attribute, classification

CLC Number: 

  • TP309
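
The feature-selection step outlined in the abstract, as an added Python example that is not the paper's code: it pulls attribute values from decoded manifests, ranks them by information gain, and builds binary feature vectors for a classifier. Assumptions: the three tag names are stand-ins (the abstract does not name its label items), the manifests are already decoded to plain XML, and the four-app corpus is constructed.

```python
import math
import xml.etree.ElementTree as ET
from collections import Counter

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
# Assumption: the abstract does not name its three label items; these tags are stand-ins.
TAGS = ("uses-permission", "action", "uses-feature")

def manifest_features(xml_text):
    """Collect 'tag:android:name' strings from a decoded (plain-text) manifest."""
    root = ET.fromstring(xml_text)
    return {f"{tag}:{el.get(ANDROID_NS + 'name')}"
            for tag in TAGS for el in root.iter(tag) if el.get(ANDROID_NS + "name")}

def entropy(labels):
    n = len(labels)
    return -sum(c / n * math.log2(c / n) for c in Counter(labels).values()) if n else 0.0

def information_gain(samples, feature):
    """IG = H(class) - H(class | feature present/absent) for one binary feature."""
    present = [y for feats, y in samples if feature in feats]
    absent = [y for feats, y in samples if feature not in feats]
    conditional = sum(len(s) / len(samples) * entropy(s) for s in (present, absent))
    return entropy([y for _, y in samples]) - conditional

def select_features(samples, k):
    """Keep the k attribute values with the highest information gain (ties by name)."""
    vocab = set().union(*(feats for feats, _ in samples))
    return sorted(vocab, key=lambda f: (-information_gain(samples, f), f))[:k]

def vectorize(feats, selected):
    return [int(f in feats) for f in selected]  # binary vector over selected values

def _manifest(perms, actions):
    """Build a constructed manifest; package name and component layout are made up."""
    p = "".join(f'<uses-permission android:name="android.permission.{x}"/>' for x in perms)
    a = "".join(f'<action android:name="android.intent.action.{x}"/>' for x in actions)
    return ('<manifest xmlns:android="http://schemas.android.com/apk/res/android" '
            f'package="example.app">{p}<application><receiver><intent-filter>{a}'
            '</intent-filter></receiver></application></manifest>')

# Constructed corpus: (permissions, intent actions, label); 1 = malicious, 0 = benign.
SAMPLES = [(manifest_features(_manifest(p, a)), y) for p, a, y in [
    (["INTERNET", "SEND_SMS"], ["BOOT_COMPLETED"], 1),
    (["INTERNET", "SEND_SMS", "READ_CONTACTS"], ["BOOT_COMPLETED"], 1),
    (["INTERNET"], ["MAIN"], 0),
    (["INTERNET", "CAMERA"], ["MAIN"], 0),
]]
SELECTED = select_features(SAMPLES, 3)
```

In this corpus `INTERNET` appears in every sample, so its information gain is zero and it is dropped, which is the kind of pruning the IG step provides before classification.
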