基于Stacking的Android恶意检测方法研究
|
摘要
针对单一的数据挖掘算法对安卓恶意应用检测精度低的问题,论文提出了一种基于Stacking的Android恶意检测方法。该方法以安卓应用为研究对象,采用改进的特征提取方法来提取权限特征,训练多种基分类模型。最后,采用集成学习的思想,融合每一种分类模型产生的分类结果,训练新的分类模型。针对应用市场的真实应用的测试检测和分析结果表明:基于Stacking的Android恶意检测方法能提高恶意应用检测精度。
For the weakness of single data mining algorithm for Android malicious application detection,this paper proposes an Android malicious detection method based on Stacking. Targeted at the Android applications as the research objects,the improved feature extraction methods are used to extraction permission feature and train base classification models. Finally,a new classification model is trained based on the result of each classification model using the idea of ensemble learning. The experimental result and analysis of real applications in application market show that the Android malicious detection method based on Stacking can improve the detection accuracy of malicious applications.
For the weakness of single data mining algorithm for Android malicious application detection,this paper proposes an Android malicious detection method based on Stacking. Targeted at the Android applications as the research objects,the improved feature extraction methods are used to extraction permission feature and train base classification models. Finally,a new classification model is trained based on the result of each classification model using the idea of ensemble learning. The experimental result and analysis of real applications in application market show that the Android malicious detection method based on Stacking can improve the detection accuracy of malicious applications.
引文
[1]张家旺,李燕伟.基于机器学习算法的Android恶意程序检测系统[J].计算机应用研究,2017,34(6):1774-1777.ZHANG Jiawang,LI Yanwei.Malware detection system implementation of Android application based on machine learning[J].Application Research of Computers,2017,34(6):1774-1777.
[2]张东,张尧,刘刚,等.基于机器学习算法的主机恶意代码检测技术研究[J].网络与信息安全学报,2017,3(7):25-32.ZHANG Dong,ZHANG Yao,LIU Gang,et al.Research on host malcode detection using machine learning[J].Chinese Journal of Network and Information Security,2017,3(7):25-32.
[3]蒋煦,张长胜,戴大蒙,等.Android平台恶意应用程序静态检测方法[J].计算机系统应用,2016,25(4):1-7.JIANG Xu,ZHANG Changsheng,DAI Dameng,et al.Static Detection of Android Malware[J].Computer Systems&Applications,2016,25(4):1-7.
[4]Zhou Yajin,Wang Zhi,Zhou Wu,et al.Hey,you,get off of my market:detecting malicious Apps in official and alternative Android markets[C]//Proceedings of the 19th Annual Network&Distributed System Security Symposium.Washington,USA:Internet Society,2012:123-129.
[5]Pandita R,Xiao X,Yang W,et al.WHYPER:Towards Automating Risk Assessment of Mobile Applications[C]//USENIX Security Symposium,2013:527-542.
[6]Peiravian N,Zhu X.Machine learning for android malware detection using permission and api calls[C]//Tools with Artificial Intelligence(ICTAI),2013 IEEE 25th International Conference on.IEEE,2013:300-305.
[7]Yerima S Y,Sezer S,McWilliams G,et al.A new android malware detection approach using bayesian classification[C]//Advanced Information Networking and Applications(AINA),2013 IEEE 27th International Conference on.IEEE,2013:121-128.
[8]Aung Z,Zaw W.Permission-based android malware detection[J].International Journal of Scientific&Technology Research,2013,2(3):228-234.
[9]Shi R,Jiangsu N.Detection of Malicious Application Based on Improved Naive Bayesian Algorithm Android[J].Journal of Security and Safety Technology安防技术,2016,4(3):39-44.
[10]Zhou Z H.Ensemble methods:foundations and algorithms[M].CRC press,2012.
[11]Sikora R.A modified stacking ensemble machine learning algorithm using genetic algorithms[M].Handbook of Research on Organizational Transformations through Big Data Analytics.IGI Global,2015:43-53.
[12]Wang G,Sun J,Ma J,et al.Sentiment classification:The contribution of ensemble learning[J].Decision support systems,2014,57:77-93.
[13]Zhu H,Xiong H,Ge Y,et al.Mobile app recommendations with security and privacy awareness[C]//Proceedings of the 20th ACM SIGKDD international conference on Knowledge discovery and data mining.ACM,2014:951-960.
[14]Tam K,Feizollah A,Anuar N B,et al.The evolution of android malware and android analysis techniques[J].ACM Computing Surveys(CSUR),2017,49(4):76.
[15]Zheng M,Sun M,Lui J C S.Droid analytics:a signature based analytic system to collect,extract,analyze and associate android malware[C]//Trust,Security and Privacy in Computing and Communications(TrustCom),2013 12th IEEE International Conference on.IEEE,2013:163-171.
[16]Amos B,Turner H,White J.Applying machine learning classifiers to dynamic android malware detection at scale[C]//Wireless communications and mobile computing conference(iwcmc),2013 9th international.IEEE,2013:1666-1671.
[2]张东,张尧,刘刚,等.基于机器学习算法的主机恶意代码检测技术研究[J].网络与信息安全学报,2017,3(7):25-32.ZHANG Dong,ZHANG Yao,LIU Gang,et al.Research on host malcode detection using machine learning[J].Chinese Journal of Network and Information Security,2017,3(7):25-32.
[3]蒋煦,张长胜,戴大蒙,等.Android平台恶意应用程序静态检测方法[J].计算机系统应用,2016,25(4):1-7.JIANG Xu,ZHANG Changsheng,DAI Dameng,et al.Static Detection of Android Malware[J].Computer Systems&Applications,2016,25(4):1-7.
[4]Zhou Yajin,Wang Zhi,Zhou Wu,et al.Hey,you,get off of my market:detecting malicious Apps in official and alternative Android markets[C]//Proceedings of the 19th Annual Network&Distributed System Security Symposium.Washington,USA:Internet Society,2012:123-129.
[5]Pandita R,Xiao X,Yang W,et al.WHYPER:Towards Automating Risk Assessment of Mobile Applications[C]//USENIX Security Symposium,2013:527-542.
[6]Peiravian N,Zhu X.Machine learning for android malware detection using permission and api calls[C]//Tools with Artificial Intelligence(ICTAI),2013 IEEE 25th International Conference on.IEEE,2013:300-305.
[7]Yerima S Y,Sezer S,McWilliams G,et al.A new android malware detection approach using bayesian classification[C]//Advanced Information Networking and Applications(AINA),2013 IEEE 27th International Conference on.IEEE,2013:121-128.
[8]Aung Z,Zaw W.Permission-based android malware detection[J].International Journal of Scientific&Technology Research,2013,2(3):228-234.
[9]Shi R,Jiangsu N.Detection of Malicious Application Based on Improved Naive Bayesian Algorithm Android[J].Journal of Security and Safety Technology安防技术,2016,4(3):39-44.
[10]Zhou Z H.Ensemble methods:foundations and algorithms[M].CRC press,2012.
[11]Sikora R.A modified stacking ensemble machine learning algorithm using genetic algorithms[M].Handbook of Research on Organizational Transformations through Big Data Analytics.IGI Global,2015:43-53.
[12]Wang G,Sun J,Ma J,et al.Sentiment classification:The contribution of ensemble learning[J].Decision support systems,2014,57:77-93.
[13]Zhu H,Xiong H,Ge Y,et al.Mobile app recommendations with security and privacy awareness[C]//Proceedings of the 20th ACM SIGKDD international conference on Knowledge discovery and data mining.ACM,2014:951-960.
[14]Tam K,Feizollah A,Anuar N B,et al.The evolution of android malware and android analysis techniques[J].ACM Computing Surveys(CSUR),2017,49(4):76.
[15]Zheng M,Sun M,Lui J C S.Droid analytics:a signature based analytic system to collect,extract,analyze and associate android malware[C]//Trust,Security and Privacy in Computing and Communications(TrustCom),2013 12th IEEE International Conference on.IEEE,2013:163-171.
[16]Amos B,Turner H,White J.Applying machine learning classifiers to dynamic android malware detection at scale[C]//Wireless communications and mobile computing conference(iwcmc),2013 9th international.IEEE,2013:1666-1671.