基于贝叶斯网络的Android恶意行为检测方法.pdfVIP

16 2016 ，52（17） Computer Engineering and Applications 计算机工程与应用 基于贝叶斯网络的Android 恶意行为检测方法 1 1，2 1 张国印 ，曲家兴 ，李晓光 1 1，2 1 ZHANG Guoyin , QU Jiaxing , LI Xiaoguang 1.哈尔滨工程大学 计算机科学与技术学院，哈尔滨 150001 2.黑龙江省国防科学技术研究院，哈尔滨 150001 1.College of Computer Science and Technology, Harbin Engineering University, Harbin 150001, China 2.HLJ Province National Defense Science and Technology Institute, Harbin 150001, China ZHANG Guoyin, QU Jiaxing, LI Xiaoguang. Way of Android malicious behavior detection based on Bayesian net- works. Computer Engineering and Applications, 2016, 52 （17）：16-23. Abstract ：Android is the most popular operating system by far, which has the highest market share. Malicious software based on Android platform also presents explosive growth, but currently there are no effective means, which can detect the Android malicious behavior. In this paper, through analyzing the characteristics of the Android malicious behavior, it uses the machine learning algorithm based on Bayesian networks to detect the Android malicious behavior. Beyond that, this paper extracts the static characteristics of the Android file based on the static analysis method, which has realized the combination of static analysis and the Bayesian network. In the end, through the experiment, it verifies the effectiveness of the Android malicious behavior detection model. Key words ：Android; machine learning; feature selection; Bayesian network 摘 要：Android 操作系统是市场占有率最高的移动操作系统，基于Android 平台的恶意软件也呈现爆发式的增长， 而目前仍然没有有效的手段进行Android 恶意行为的检测，通过分析Android 恶意行为的特点，采用基于贝叶斯网络 的机器学习算法进行Android 恶意行为的检测，通过静态分析的方法进行Android 文件静态特征的提取，将Android 恶意应用的静态分析与贝叶斯网络相结合，最后通过使用提出的方法构建贝叶斯网络模型，通过实验验证了提出的 Android 恶意行为检测模型的有效性。 关键词：Android ；机器学习；特征选择；贝叶斯网络 文献标志码：A 中图分类号：TP393 doi ：10.3778/j.issn. 1002-8331.1509-0091 1 引言 2014 年的互联网安全大会中，移动安全论坛格外引 近