结合资源特征的Android恶意应用检测方法-计算机工程与应用.PDFVIP

Computer Engineering and Applications 计算机工程与应用 2018 ，54（15） 67 结合资源特征的Android 恶意应用检测方法 用 刘楚舒，王伟平，刘鹏飞 应 LIU Chushu, WANG Weiping, LIU Pengfei 与 中南大学 信息科学与工程学院，长沙 410083 程 School of Information Science and Engineering, Central South University, Changsha 410083, China g 工 r o LIU Chushu, WANG Weiping, LIU Pengfei. Detection of Android malware using resource features. Computer . Engineering and Applications, 2018, 54 （15）：67-73. j 机 a 算 e Abstract ：Android platform incurs mass attacks from hackers recently. The rapid increment of Android malwares results c . in the problems of privacy leakage and property loss. This paper firstly tests the difference between benign apps and 计 w malwares in two resource features, these features are pictures and widgets. Then MalAssassin, a method for detection of Android malware is proposed. It performs static analysis on Android APK files, gathering 68 features in 8 different categories w which are permissions, components, API calls, commands, hard-coded IP address and certificates extracted from other w approaches along with pictures and widgets proposed by this paper. These features are mapped to vector spaces to build the detection model which will classify an app as benign or malicious. In an evaluation with 53,422 benign apps and 5,671 malwares, MalAssassin achieves the performance of 99.1% precision and recall, while adapting well in different datasets. Key words ：Android; malware detection; machine learning 摘 要：近年来Android 平台遭到了黑客们的频繁攻击。随着