摘要
目前针对恶意Android应用的静态检测方法大多基于对病毒哈希值的分析与匹配,无法迅速检测出新型恶意Android应用及其变种,为了降低现有静态检测的漏报率,提高对新型恶意应用的检测速度,提出一种通过深度网络融合模型实现的恶意Android应用检测方法。首先提取反编译得到的Android应用核心代码中的静态特征,随后进行代码向量化处理,最后使用深度学习网络进行分类判别。该方法实现了对恶意应用高准确度的识别,经过与现存方法的对比分析,验证了该方法在恶意代码检测中的优越性。
At present,the static detection methods for malicious Android applications are mostly based on the analysis and matching of virus hash values,which can not detect new malicious Android applications and their variants immediately.In order to reduce the false negative rate of the existing static detection and improve the detection speed of new malicious applications,this paper proposed a malicious Android application detection method implemented by a deep network fusion model.This approach extracted the static features in the core code of the Android application obtained by decompiling.Then carried out the code vectorization processing,and used the deep learning network to classify and discriminate.This approach enabled identification of malicious applications with high accuracy,and the comparative analysis with the existing approaches validates the superiority of this approach in malicious code detection.
作者
李凡
易军凯
Li Fan;Yi Junkai(Institute of Automation,Beijing Information Science&Technology University,Beijing 100192,China)
出处
《计算机应用研究》
CSCD
北大核心
2021年第2期549-552,558,共5页
Application Research of Computers
基金
国家自然科学基金资助项目(U1636208)。
关键词
代码向量化
恶意应用检测
深度学习
code vectorization
malicious application detection
deep learning
