###
计算机系统应用英文版:2021,30(6):148-153
本文二维码信息
码上扫一扫!
利用单分类SVM算法检测Android应用程序
(1.西北工业大学 自动化学院, 西安 710072;2.郑州大学, 郑州 450001)
Android Malware Detection Based on One Class SVM Algorithm
(1.School of Automation, Northwestern Polytechnical University, Xi’an 710072, China;2.Zhengzhou University, Zhengzhou 450001, China)
摘要
图/表
参考文献
相似文献
本文已被:浏览 734次   下载 1709
Received:September 08, 2020    Revised:September 25, 2020
中文摘要: 目前, Android应用市场大多数应用程序均采取加壳的方法保护自身被反编译, 使得恶意应用的检测特征只能基于权限等来源于AndroidManifest.xml配置文件. 基于权限等特征的机器学习分类算法因为恶意应用与良性应用差异性变小导致检测效果不理想. 如果将更加细粒度的应用程序调用接口(Application Program Interface, API)作为特征, 会因为应用程序加壳的原因造成正负样本数量的严重失衡. 针对上述问题, 本文将大量的恶意应用作为训练样本, 将良性应用样本作为新颖点, 采用单分类SVM算法建立恶意应用的检测模型. 相比于二分类监督学习, 该方法能有效地检测出恶意应用和良性应用, 具有现实意义.
Abstract:At present, most benign applications in the Android market adopt a shelling method to protect themselves from being decompiled so that the detection of malicious applications can only rely on the permissions from AndroidMnifest.xml. However, the machine-learning-based classification algorithm based on permission features has a poor detection effect because of a small difference between malicious applications and benign applications. If a more fine-grained Application Program Interface (API) is taken as a feature, a serious imbalance in the number of positive and negative samples will be caused due to application shelling. In response to the above problems, with a large number of malicious applications as training samples and some benign applications as the point of novelty, we use the one-class SVM algorithm to establish a detection model for malicious applications. Compared with two-class supervised learning, this method can effectively distinguish malicious applications from benign applications, which has practical significance.
文章编号:     中图分类号:    文献标志码:
基金项目:河南省高等学校重点科研项目(21A520041)
引用文本:
管峻,毛保磊,刘慧英.利用单分类SVM算法检测Android应用程序.计算机系统应用,2021,30(6):148-153
GUAN Jun,MAO Bao-Lei,LIU Hui-Ying.Android Malware Detection Based on One Class SVM Algorithm.COMPUTER SYSTEMS APPLICATIONS,2021,30(6):148-153