| 结合局部优化匹配的Android恶意家族检测算法 |
| |
| 引用本文: | 杜垚.结合局部优化匹配的Android恶意家族检测算法[J].计算机工程与应用,2021,57(8):84-90. |
| |
| 作者姓名: | 杜垚 |
| |
| 作者单位: | 西南民族大学 计算机科学与技术学院,成都 610000 |
| |
| 基金项目: | 中央高校基本科研业务费专项基金项目青年教师基金;四川省科技计划 |
| |
| 摘 要: | 近年来,飞速增长的Android恶意代码给移动安全研究带来了沉重的负担。为海量的恶意样本进行准确的家族分类对移动恶意代码的识别与演变过程研究具有极为重要的作用。基于此目的提出了一种新的基于局部结构优化分析的恶意软件家族识别与分类方法。从应用程序的反编译文件中提取函数调用图,采用基于节点相似度的迭代匹配算法来构建恶意家族特征,通过对待检测应用程序函数调用图与恶意家族特征的匹配来进行应用程序的恶意性检测与家族识别。实验结果表明,该方法较三项已有研究和Androguard工具具有更好的性能。
|
| 关 键 词: | 恶意代码 局部结构优化 家族识别 |
Android Malicious Family Detection Algorithm Based on Local Optimization Matching |
| |
| DU Yao.Android Malicious Family Detection Algorithm Based on Local Optimization Matching[J].Computer Engineering and Applications,2021,57(8):84-90. |
| |
| Authors: | DU Yao |
| |
| Affiliation: | College of Computer Science and Technology, Southwest Minzu University, Chengdu 610000, China |
| |
| Abstract: | In recent years, the rapid growth of Android malicious code has brought a heavy burden to mobile security research. It makes the research of malware identification and family evolution of large number of mobile applications an important work. Thus, a new malware identification and family classification method based on local structure optimization analysis is proposed. This method first extracts the function call graphs from the decompiled files of the applications. Then, an iterative matching algorithm based on node similarity is applied to construct malicious family features. Finally, the structural similarity between the applications and family features is calculated to detect malware and classify them into their families. Experimental results show that this method has better performance than the three previous studies and the Androguard tool. |
| |
| Keywords: | malicious code local structure optimization family identification |
| 本文献已被 万方数据 等数据库收录! |
| 点击此处可从《计算机工程与应用》浏览原始摘要信息 |
|
点击此处可从《计算机工程与应用》下载全文 |
