基于模型库的安卓恶意软件检测方法

单一算法生成的识别器普适性不足,对不同种群安卓软件进行识别产生的效果不稳定.针对这种情况,提出一种基于模型库的安卓恶意软件检测方法.通过Python程序进行爬虫与权限提取工作,得到应用的权限信息;使用SMO按照应用的权限信息分类得到不同种群的数据;将应用的种群信息输入到模型库中,得到恶意检测结果,并根据结果对模型库进行...

ANDROID MALWARE DETECTION METHOD BASED ON MODEL LIBRARY

Due to the lack of universality of the recognizer generated by a single algorithm,recognizers of this kind have unstable recognition effect on Android apps of different populations.In view of this situation,a model library is proposed for detecting Android malicious application.First,apps and extract their permissions were crawl ed through Python program.Then,the sequence minimum optimization(SMO)was used to classify the data of different populations according to information.Finally,population information was input into the model library to obtain malicious detection results,and model library was evolved according to the results,which enhanced the detection capability of model library.The experimental results show that for the same data set,the evolved model library method has a slight improvement in accuracy than the general algorithm;for multiple cluster data sets,the model library method improves the accuracy of the general algorithm by about 10%,indicating that the model library method can effectively detect Android malware,and the evolution of the model library has enhanced detection capabilities.