Computer Science (计算机科学) ›› 2017, Vol. 44 ›› Issue (4): 135-139. doi: 10.11896/j.issn.1002-137X.2017.04.029

• NASAC 2015 •

Android Malware Detection Method Based on Combining Permission and API Features

SHAO Shu-di, YU Hui-qun, FAN Gui-sheng

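  1. School of Information Science and Engineering, East China University of Science and Technology, Shanghai 200237; Shanghai Key Laboratory of Computer Software Evaluation and Testing, Shanghai 201112, School of Information Science and Engineering, East China University of Science and Technology, Shanghai 200237, School of Information Science and Engineering, East China University of Science and Technology, Shanghai 200237
  • Publication date: 2018-11-13 Release date: 2018-11-13
  • Supported by:
    This work was supported by the National Natural Science Foundation of China (60905043,7,61173048), the Specialized Research Fund for the Doctoral Program of Higher Education (20130074110015), and the Fundamental Research Funds for the Central Universities (WH1314038).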

Detecting Malware by Combining API and Permission Features

SHAO Shu-di, YU Hui-qun and FAN Gui-sheng   

  • Online:2018-11-13 Published:2018-11-13

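Abstract: With the widespread adoption of the Android operating system, the number of applications for the Android platform is growing steadily. Identifying malware effectively is critical to protecting the security of mobile phones. This paper proposes an Android malware detection method based on combining permission and API features. The method decompiles apk files to extract permission features and API features, and combines the two into a single overall feature set. On this basis, classification algorithms are used to identify malware. Experimental results show that the classification accuracy of this method is higher than that of methods that use the permission set or the API set alone as features, so it detects malicious Android applications more effectively.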

Keywords: API, permission, feature set, Android applications, malware detection

Abstract: With the use of Android OS, the number of Android applications is growing larger and larger. Detecting malware is therefore very important for protecting mobile phone security. In this paper, we extract API features and permission features by reverse-engineering the apk files. The two kinds of features are then combined into one feature set. Finally, malware is detected with different classification algorithms. Compared with using API or permission features alone, the combined feature set achieves higher detection accuracy, which shows that combining permission and API features is more effective for detecting malicious Android applications.

Key words: API, Permission, Feature set, Android applications, Malware detection

