基于k近邻和最小二乘支持向量机的Android恶意行为识别

吉林大学学报(理学版)

基于k近邻和最小二乘支持向量机的Android恶意行为识别

陈泽恩

惠州学院教育技术中心, 广东惠州 516007

收稿日期:2014-12-17 出版日期:2015-07-26 发布日期:2015-07-27
通讯作者: 陈泽恩 E-mail:czetony@163.com

Identification of Android Malicious Behaviors Based on k NearestNeighbor Algorithm and Least Squares Support Vector Machine

CHEN Ze’en

Center of Educational Technology, Huizhou University, Huizhou 516007, Guangdong Province, China

Received:2014-12-17 Online:2015-07-26 Published:2015-07-27
Contact: CHEN Ze’en E-mail:czetony@163.com

摘要/Abstract

摘要：

针对单一k近邻算法(KNN)和最小二乘支持向量机(LSSVM)存在的缺陷, 提出一种基于KNNLSSVM的Android恶意行为识别模型. 先采集Android用户行为样本, 并提取相应特征组成特征向量; 再将训练集输入LSSVM中进行学习, 计算测试样本与最优分类平面间的距离, 如果该距离小于阈值, 则直接采用LSSVM恶意行为识别, 否则采用KNN算法进行恶意行为识别；最后采用仿真实验测试KNNLSSVM的性能. 实验结果表明, 相对于单一KNN算法和LSSVM, KNNLSSVM提高了Android恶意行为的识别正确率,可以满足Android[KG*6]恶意行为的在线识别要求.

关键词: 恶意行为, 移动终端, 最小二乘支持向量机, k近邻算法

Abstract:

In order to solve the problem of single k nearest neighbor algorithm (KNN) and least squares support vector machine (LSSVM) and improve the identification correct rate of Android malicious behavior, the author proposed an identification model of Android malicious behavior based on KNNLSSVM. Firstly, Android behavior samples were collected and the corresponding feature vector was extracted. Then the training samples were input into LSSVM to learn and calculate the distance between sample and classification plane. If the distance was less than threshold, LSSVM was used to recognize the malicious behavior, otherwise KNN algorithm was used to recognize the malicious behavior. Finally, the performance of KNNLSSVM was tested by simulation experiment. The experimental results show that compared with the single KNN algorithm and LSSVM, KNNLSSVM has improved the identification correct rate of Android malicious behavior, and can satisfy the online identification requirements of Android malicious behavior.

Key words: malicious behavior, smart phone, least squares support vector machine, k nearest neighbor algorithm

中图分类号:

TP391

陈泽恩. 基于k近邻和最小二乘支持向量机的Android恶意行为识别[J]. 吉林大学学报(理学版), 2015, 53(04): 720-724.

CHEN Ze’en. Identification of Android Malicious Behaviors Based on k NearestNeighbor Algorithm and Least Squares Support Vector Machine[J]. Journal of Jilin University Science Edition, 2015, 53(04): 720-724.

[1]	朱超平, 任继平. 基于智能优化算法的物联网异构数据融合方法[J]. 吉林大学学报(理学版), 2019, 57(3): 627-632.
[2]	杨永强, 李淑红. 最小二乘支持向量机的点云数据孔洞修补算法[J]. 吉林大学学报(理学版), 2018, 56(3): 692-696.
[3]	周水生, 周艳玲, 姚丹, 王保军. 基于QR分解的稀疏LSSVM算法[J]. 吉林大学学报(理学版), 2018, 56(2): 347-354.
[4]	谭萍, 邢玉娟. 基于混合Gauss模型的鲁棒性人脸识别算法[J]. 吉林大学学报(理学版), 2015, 53(06): 1229-1235.
[5]	崔亚芬, 解男男. 一种基于特征选择的入侵检测方法[J]. 吉林大学学报(理学版), 2015, 53(01): 112-116.
[6]	孙丹, 秦贵和, 董劲男, 陈虹. 基于最小二乘支持向量机的网络控制系统建模[J]. 吉林大学学报(理学版), 2014, 52(06): 1277-1283.
[7]	李岩波, 张超, 郭新辰. 基于直觉模糊最小二乘支持向量机的变压器故障诊断[J]. 吉林大学学报(理学版), 2014, 52(02): 313-318.
[8]	王宏志, 宇皓林. 基于ARM-Linux远程视频监控系统的设计[J]. 吉林大学学报(理学版), 2014, 52(01): 103-107.
[9]	郭新辰, 张超, 李成龙. 直觉模糊最小二乘支持向量机[J]. J4, 2012, 50(05): 993-997.