期刊文献+

基于N-gram算法的恶意程序检测系统研究与设计 被引量:5

Research and Design on Malware Detection System Based on N-gram Algorithm
下载PDF
导出
摘要 文章针对恶意程序检测中难以检测未知恶意程序等问题,提出了一种提取恶意程序语义特征的方法。该方法使用N-gram算法对提取的Android应用程序的权限和API特征建立语义特征序列,并对特征序列进行筛选处理,获得了更具代表性的行为特征序列。首先,为了增加特征的有效性,经验丰富的恶意程序分析专家为每个Android SDK中的API函数添加相应的权重,并使用出现频次和权重值重新计算N-gram序列中每个元素的特征值,从而构建了改进的N-gram序列模型。然后,使用多种机器学习算法进行分类检测,验证其有效性。实验结果表明,提取的特征及改进的N-gram算法可以有效检测Android平台上的恶意程序。 It is difficult to detect malware detection o f unknown m alicious programs, A im ing atsolving this problem , this paper proposes an approach for extracting the dynamic features o f m aliciouscode sem antics. This m ethod extracts the perm issions and API features o f Android application to setup the semantic feature sequence with the A^-gram algorithm. W ith screening o f the feature sequence,the behavior sequence becom es m ore representative. First, in order to increase the effectiveness o fthe characteristics, analysis o f experienced m alware experts for each Android API function in SD Kto add the corresponding w eights, and the use o f frequency and the w eight value o f each elem ent o fthe N-gram sequence characteristics o f re-calculated values in order to build a A^-gram series m odelim proved. Then, using a variety o f m achine learning algorithms for classification and detection, verifyits effectiveness. The experim ental results show that the im proved N-gram algorithm and features inthis paper can effectively detect m alicious programs under Android platform.
出处 《信息网络安全》 2016年第8期74-80,共7页 Netinfo Security
基金 国家自然科学基金[61402125]
关键词 机器学习 恶意代码检测 N-GRAM ANDROID应用 machine learning m alicious code detection iV-gram Android application
  • 相关文献

参考文献3

二级参考文献55

  • 1ISOHARA T, TAKEMORI K, KUBOTA A. Kernel-based behavior analysis for Android malware detection [ C ]///Proc of 7th International Conference on Computational Intelli- gence and Security. 2011.
  • 2ZHOU Yajin, JIANG Xuxian. Dissecting Android malware: Characterization and evolution [ C ]//Proc of IEEE Sympo- sium on Security and Privacy. 2012:95 - 109.
  • 3FELT A P, GREENWOOD K, WAGNER D. The effective- ness of application permissions[ C]//Proc of USENIX We- bApps. 2011.
  • 4BORJA S, IGOR S, CARLOS L, et al. PUMA : Permission usage to detect malware in Android [ C ]//International Joint Conference. Berlin, Germany: Springer, 2012: 289 - 298.
  • 5Christodorescu M, Jha S, Seshia S A, et al. Semantics-aware malwaredetection [ C ]//Security and Privacy, 2005 IEEE Symposium on.IEEE, 2005: 32-46.
  • 6http://en.wikipedia.org/wiki/Malware.
  • 7中国互联网协会.“恶意软件定义”细则[EB].2007.
  • 8https://www. hex-rays. com/products/ida/index, shtml.
  • 9Moser A,Kruegel C,Kirda E. Limits of static analysis for malware de-tection[ C]//Computer Security Applications Conference, 2007. AC-SAC 2007. Twenty-Third Annual. IEEE, 2007 : 421 -430.
  • 10Egele M, Scholte T, Kirda E, et al. A survey on automated dynamicmalware-analysis techniques and tools[ J]. ACM Computing Surveys(CSUR) , 2012 , 44(2) : 6.

共引文献104

同被引文献31

引证文献5

二级引证文献17

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部