Received: July 10, 2015 Revised: September 08, 2015
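Chinese abstract: The static detection system built in this paper is mainly used to detect unknown malicious applications on the Android platform. First, the application under test is preprocessed, and the permission request information is extracted from the AndroidManifest.xml file as one class of feature attributes; if the application contains dynamic shared libraries, the names of functions called from third parties are extracted as another class of feature attributes. The optimal classification algorithm is selected separately for each of the two classes of feature attributes, and finally the application under test is judged to be malicious or not according to the classification results that these two optimal classification algorithms give for it. The experimental results show that the static detection system can effectively detect unknown Android malware, with an accuracy of 95.4%, and has good application prospects.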
Abstract: The static detection system described in this article is used to detect unknown malware. First, the Android application sample is preprocessed, and the permission information that the application developer applies for is extracted as one kind of characteristic attribute. If a shared object file is present, the names of functions called from other libraries are extracted as another kind of characteristic attribute. Second, the two optimal classifiers chosen are used to handle the two classes of features separately. Finally, the result of the comprehensive judgment system depends on the classifiers' results for the two types of characteristic attributes. The experimental results show that the static detection system can detect unknown malware efficiently, and that its accuracy reaches up to 95.4%.
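Funding: National Natural Science Foundation of China (61303224); Public Welfare Project of the Science and Technology Department of Zhejiang Province (2104C31079)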
Citation:
JIANG Xu, ZHANG Chang-Sheng, DAI Da-Meng, MU De-Jun. Static Detection of Android Malware. COMPUTER SYSTEMS APPLICATIONS, 2016, 25(4): 1-7