首页 | 本学科首页   官方微博 | 高级检索  
     

基于应用分类和系统调用的Android恶意程序检测
引用本文:林擎宇,凌 捷. 基于应用分类和系统调用的Android恶意程序检测[J]. 计算机工程与应用, 2017, 53(19): 109-113. DOI: 10.3778/j.issn.1002-8331.1604-0337
作者姓名:林擎宇  凌 捷
作者单位:广东工业大学 计算机学院,广州 510006
摘    要:针对Android平台恶意程序泛滥的问题,提出一种基于应用分类和系统调用的恶意程序检测方法。以Google Play为依据进行应用程序分类,利用运行时产生的系统调用频数计算每个类别的系统调用使用阈值。当应用程序安装运行时,手机端收集应用程序权限信息和产生的系统调用信息发给远程服务器,远程服务器根据权限信息采用序列最小优化算法给应用程序进行分类,分类后利用系统调用频数计算出系统调用使用值,与该类别的阈值进行比较判断是否恶意程序,将分类结果及判定结果反馈给用户,由用户判断是否需要更改分类重新检测。实验结果表明了该方法的可行性和有效性,不仅减少了手机的资源消耗,又能对产生恶意行为的应用程序及时做出反应。

关 键 词:Android平台  应用分类  系统调用  恶意程序检测  

Android malware detection based on application classfication and system calls
LIN Qingyu,LING Jie. Android malware detection based on application classfication and system calls[J]. Computer Engineering and Applications, 2017, 53(19): 109-113. DOI: 10.3778/j.issn.1002-8331.1604-0337
Authors:LIN Qingyu  LING Jie
Affiliation:Faculty of Computer, Guangdong University of Technology , Guangzhou 510006, China
Abstract:Considering the increasement of malware for Android, a malware detection based on application classfication and system calls of Android applications is proposed. The method depends on the categories in the Google Play as a reference to count system calls usage threshold of each category. During the installation of the application to a Android mobile phone runtime, the infornation of system calls and the permission infornation is sent to the remote server by the mobile phone. Sequential minimal optimzation algorithm is used to classify the application, and system calls usage value of the this application is calculated after the information of system call frequency is analyzed. Comparing this value and system calls usage threshold of category, whether it is a procedure including hostile program can be ascertained. Users can get the result and change the category of the application to examine the application depending on the requirement. Finally, the effectiveness and feasibility of the method is verified, not only can reduce resource consumption of phones, but also can response the malware as quickly as possible.
Keywords:Android  application classfication  system calls  malware detection  
点击此处可从《计算机工程与应用》浏览原始摘要信息
点击此处可从《计算机工程与应用》下载免费的PDF全文
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号