基于纹理指纹与活动向量空间的Android恶意代码检测

为了进一步提高恶意代码识别的准确率和自动化程度，提出一种基于深度学习的Android恶意代码分析与检测方法。首先，提出恶意代码纹理指纹体现恶意代码二进制文件块内容相似性，选取33类恶意代码活动向量空间来反映恶意代码的潜在动态活动。其次，为确保分类准确率的提高，融合上述特征，训练自编码器（AE）和Softmax分类器。通过对不同数据样本进行测试，利用栈式自编码（SAE）模型对Android恶意代码的分类平均准确率可达94.9%，比支持向量机（SVM）高出1.1个百分点。实验结果表明，所提出的方法能够有效提高恶意代码识别精度。

Android malware detection based on texture fingerprint and malware activity vector space

To improve the accuracy and automation of malware recognition, an Android malware analysis and detection method based on deep learning was proposed. Firstly, the malware texture fingerprint was proposed to reflect the content similarity of malicious code binary files, and 33 types of malware activity vector space were selected to reflect the potential dynamic activities of malicious code. In addition, to improve the accuracy of the classification, the AutoEncoder (AE) and the Softmax classifier were trained combined with the above characteristics. Test results on different data samples showed that the average classification accuracy of the proposed method was up to 94.9% by using Stacked AE (SAE), which is 1.1 percentage points higher than that of Support Vector Machine (SVM). The proposed method can effectively improve the accuracy of malicious code recognition.