基于权限和API特征结合的Android恶意软件检测方法

随着Android操作系统的广泛应用,基于Android平台的应用程序的数量日益增长。如何有效地识别恶意软件,对保护手机的安全性至关重要。提出了基于权限和API特征结合的Android恶意软件检测方法,该方法通过反编译apk文件来提取权限特征和API特征,并将两者相结合作为一个整体的特征集合。在此基础上,采用分类算法进行恶意软件的甄别。实验结果表明,该方法的判别准确率高于权限集合或API集合单独作为特征的判别方法,从而能更加有效地检测Android恶意应用程序。

Detecting Malware by Combining API and Permission Features

With the use of Android OS,the number of Android applications is getting larger and larger.Therefore,how to detect malware is very important for protecting the mobile phone security.In this paper,we extracted API feature and permission feature by reverse-engineering the apk files respectively.Then,the two features are combined into a feature set.Finally,with different classification algorithms,the malwares can be detected.As a result,compared to single API or permission feature,higher detecting accuracy is gotten,which shows that the feature combination of permission and API is more efficient in detecting malicious Android applications.