Abstract
As the mobile Internet gradually permeates people's daily lives, Android malware is having an increasingly large negative impact on users. To address the shortcomings in accuracy and flexibility of traditional Android malware static detection techniques when detecting multi-class malicious behavior, this paper proposes a malware behavior detection mechanism based on deep forest (Gcforest). Finally, experimental testing and comparison show that this mechanism has clear advantages in malware behavior detection performance and in the ease of parameter tuning.
Authors
SHI Xing-hua (石兴华)
CAO Jin-xuan (曹金璇)
LU Tian-liang (芦天亮)
School of Information Technology and Network Security, People's Public Security University of China, Beijing 100038, China
Source
Software (《软件》)
2019, Issue 10, pp. 1-5, 72 (6 pages in total)
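Funding
National Key R&D Program of China, "Cyberspace Security" Key Special Project (Grant No. 2016YFB0801100)
National Natural Science Foundation of China (Grant No. 61602489)
13th Five-Year Plan National Cryptography Development Fund, Key Project in Cryptographic Theory Research (Grant No. MMJJ20180108)
People's Public Security University of China, 2019 Basic Scientific Research Funds Major Project (2019JKF108)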
Keywords
Android malware
Static detection technology
Deep forest (Gcforest)
Multi-classification behavior detection