排序方式: 共有76条查询结果,搜索用时 15 毫秒
11.
当前大量的Android恶意软件在后台收集用户的位置信息、通话记录、电话号码及短信等信息并将其上传至指定服务器,造成了难以估量的危害。为解决此问题,提出一种Android恶意软件静态检测方法。对收集到的训练集中的所有APK文件进行静态反编译,提取其中的静态信息;对静态信息中的API和Permission进行统计学分析,得到API和Permission在恶意APK和正常APK中的使用率;根据它们的使用率确定基准API和Permission集合,将每一个APK转换成可参与计算的关于API和Permission的特征向量;利用改进的k-NN分类器,对待检测的APK进行分类判定。实验结果表明,该方法可以有效地对APK进行恶意分类。 相似文献
12.
原生代码已在Android应用中广泛使用,为恶意攻击者提供了新的攻击途径,其安全问题不容忽视。当前已有Android恶意应用检测方案,主要以Java代码或由Java代码编译得到的Dalvik字节码为分析对象,忽略了对原生代码的分析。针对这一不足,提出了一种基于双层语义的原生库安全性检测方法。首先分析原生方法Java层语义,提取原生方法函数调用路径,分析原生方法与Java层的数据流依赖关系以及原生方法函数调用路径的入口点。对于原生代码语义,定义了数据上传、下载、敏感路径读写、敏感字符串、可疑方法调用5类可疑行为,基于IDA Pro和IDA Python对原生代码内部行为进行自动分析。使用开源机器学习工具Weka,以两层语义作为数据特征,对5336个普通应用和3426个恶意应用进行了分析,最佳检测率达到92.4%,表明所提方法能够有效检测原生库的安全性。 相似文献
13.
智能移动终端已成为移动互联网时代重要的信息处理平台,其面临的安全威胁越来越严重,针对传统计算机的安全防护架构已无法适应智能移动终端安全防护的特殊需求。通过对智能移动终端操作系统的特点和层次进行分析,设计了一种轻量级内核层强制访问控制框架——MacDroid,深入研究了MacDroid 的安全策略定义、安全策略编译、安全策略实施等关键问题。提出了MacDroid 的安全策略描述语言——PSL,对PSL 的词法和语法进行了形式化定义。最后通过实验测试了MacDroid 访问控制框架对智能移动终端不同层的恶意软件行为的控制效果。实验结果表明,MacDroid框架对Android智能移动终端应用层、本地层和内核层的恶意软件行为均有较好的控制效果。 相似文献
14.
15.
由于传统的恶意程序分析过程往往复杂耗时,即使是经验丰富的安全分析人员也很难发现潜在的攻击模式。为减轻认知负担、提高交互性,将信息可视化技术引入恶意代码分析领域,即Malware安全可视化,正是近年来网络安全研究中的前沿热点。首先说明Malware安全可视化的紧迫性,接着分别从静态特征、动态主机特征和网络特征三个方面,详细分析了多项Malware安全可视化实例,最后讨论了该领域当前存在的问题及今后的研究方向。 相似文献
16.
Ad hoc网络的对等体系结构和节点资源受限使得其比传统网络面临更多的安全威胁。近年来,恶意程序研究已成为国际上网络安全和信息安全领域最前沿和最活跃的研究方向之一,无线网络中恶意程序研究已经开始成为恶意程序研究领域的一个新热点。首先分析了Ad hoc网络的网络体系结构及安全威胁、常见的恶意程序的分类及仿生物传播模型,然后从SEIR病毒传播模型的微分方程入手,针对该模型应用Ad hoc无线自组网出现的问题,引入网络拓扑特性和免疫延迟等概念对恶意程序传播模型进行了改进,结合网络拓扑动态演变恶意程序传播过程设计了一个改进的传播算法和动态免疫策略。综合考虑网络病毒传播特性、网络基础特性和免疫策略对改进模型进行了仿真实验分析,实验结果表明免疫策略和节点的度都影响恶意程序传播。 相似文献
17.
深度学习方法已被广泛应用于恶意软件检测中并取得了较好的预测精度,但同时深度神经网络容易受到对输入数据添加细微扰动的对抗攻击,导致模型输出错误的预测结果,从而使得恶意软件检测失效。针对基于深度学习的恶意软件检测方法的安全性,提出了一种面向恶意软件检测模型的黑盒对抗攻击方法。首先在恶意软件检测模型内部结构参数完全未知的前提下,通过生成对抗网络模型来生成恶意软件样本;然后使生成的对抗样本被识别成预先设定的目标类型以实现目标攻击,从而躲避恶意软件检测;最后,在Kaggle竞赛的恶意软件数据集上展开实验,验证了所提黑盒攻击方法的有效性。进一步得到,生成的对抗样本也可对其他恶意软件检测方法攻击成功,这验证了其具有较强的攻击迁移性。 相似文献
18.
Users frequently reuse their passwords when authenticating to various online services. Combined with the use of weak passwords or honeypot/phishing attacks, this brings high risks to the security of the user’s account information. In this paper, we propose several protocols that can allow a user to use a single password to authenticate to multiple services securely. All our constructions provably protect the user from dictionary attacks on the password, and cross-site impersonation or honeypot attacks by the online service providers. 相似文献
19.
Abdulbasit A. Darem 《计算机、材料和连续体(英文)》2022,72(1):461-479
Malicious software (malware) is one of the main cyber threats that organizations and Internet users are currently facing. Malware is a software code developed by cybercriminals for damage purposes, such as corrupting the system and data as well as stealing sensitive data. The damage caused by malware is substantially increasing every day. There is a need to detect malware efficiently and automatically and remove threats quickly from the systems. Although there are various approaches to tackle malware problems, their prevalence and stealthiness necessitate an effective method for the detection and prevention of malware attacks. The deep learning-based approach is recently gaining attention as a suitable method that effectively detects malware. In this paper, a novel approach based on deep learning for detecting malware proposed. Furthermore, the proposed approach deploys novel feature selection, feature co-relation, and feature representations to significantly reduce the feature space. The proposed approach has been evaluated using a Microsoft prediction dataset with samples of 21,736 malware composed of 9 malware families. It achieved 96.01% accuracy and outperformed the existing techniques of malware detection. 相似文献
20.
José Javier de Vicente Mohino Javier Bermejo Higuera Juan Ramón Bermejo Higuera Juan Antonio Sicilia Montalvo Manuel Sánchez Rubio José Javier Martínez Herraiz 《计算机、材料和连续体(英文)》2021,67(2):1447-1462
In a computer environment, an operating system is prone to malware, and even the Linux operating system is not an exception. In recent years, malware has evolved, and attackers have become more qualified compared to a few years ago. Furthermore, Linux-based systems have become more attractive to cybercriminals because of the increasing use of the Linux operating system in web servers and Internet of Things (IoT) devices. Windows is the most employed OS, so most of the research efforts have been focused on its malware protection rather than on other operating systems. As a result, hundreds of research articles, documents, and methodologies dedicated to malware analysis have been reported. However, there has not been much literature concerning Linux security and protection from malware. To address all these new challenges, it is necessary to develop a methodology that can standardize the required steps to perform the malware analysis in depth. A systematic analysis process makes the difference between good and ordinary malware analyses. Additionally, a deep malware comprehension can yield a faster and much more efficient malware eradication. In order to address all mentioned challenges, this article proposed a methodology for malware analysis in the Linux operating system, which is a traditionally overlooked field compared to the other operating systems. The proposed methodology is tested by a specific Linux malware, and the obtained test results have high effectiveness in malware detection. 相似文献