基于深度信念网络的Android恶意应用检测方法

传统的机器学习算法无法有效地从海量的行为特征中选择出有本质的行为特征来对未知的Android恶意应用进行检测。为了解决这个问题，提出DBNSel，一种基于深度信念网络模型的Android恶意应用检测方法。为了实现该方法，首先通过静态分析方法从Android应用中提取5类不同的属性。其次，建立深度信念网络模型从提取到的属性中进行选择和学习。最后，使用学习到的属性来对未知类型的Android恶意应用进行检测。在实验阶段，使用一个由3 986个Android正常应用和3 986个Android恶意应用组成的数据集来验证DBNSel的有效性。实验结果表明，DBNSel的检测结果要优于其他几种已有的检测方法，并可以达到99.4%的检测准确率。此外，DBNSel具有较低的运行开销，可以适应于更大规模的真实环境下的Android恶意应用检测。

Android malware detection approach based on deep belief network

Because traditional machine learning algorithm cannot select distinct behavioral characteristics from huge amount of characteristics to detect unknown Android malware. To address these limitations, this paper proposes DBNSel, a malware detection approach for the Android platform based on the deep belief network model. To implement this, five types of features are extracted from the static analysis of Android apps. Then, the deep belief network model is built to learn features from Android apps. Finally, the learned features are used to detect unknown Android malware. In an experiment with 3, 986 benign apps and 3, 986 malware, DBNSel outperforms several existing malware detection approaches and achieves 99.4% detection accuracy. Moreover, DBNSel can achieve a remarkable run-time efficiency which makes it very easy to adapt to a larger scale of real-world Android malware detection.