Android Malware Detection Based on AE-DBN
  • Authors: WU Zhaodi (吴招娣); XU Yang (徐洋); XIE Xiaoyao (谢晓尧)
  • Keywords: Android malware detection; static analysis; deep learning; autoencoder; deep belief network
  • Chinese journal title: NATR
  • English journal title: Journal of Guizhou Normal University (Natural Sciences)
  • Institution: Key Laboratory of Information and Computing Science of Guizhou Province, Guizhou Normal University
  • Publication date: 2019-05-15
  • Publisher: Journal of Guizhou Normal University (Natural Sciences)
  • Year: 2019
  • Issue: v.37; No.145
  • Funding: Central Government Special Fund for Guiding Local Science and Technology Development (黔科中引地〔2018〕4008); Key Project of the Guizhou Provincial Science and Technology Cooperation Program (黔科合LH字[2015]7763)
  • Language: Chinese
  • Pages: NATR201903016
  • Page count: 6
  • CN: 03
  • ISSN: 52-5006/N
  • Classification number: 99-104
Abstract
To improve the accuracy and efficiency of Android malware detection, this paper proposes a detection scheme that builds on static analysis and combines an autoencoder (AE) network with a deep belief network (DBN). First, static analysis is used to extract permissions, actions, components and sensitive APIs as features. Second, the AE reduces the dimensionality of the feature dataset. Finally, the DBN performs deeper abstract feature learning on the reduced features and is trained to detect malicious code. Experimental results show that, compared with DBN, SVM and KNN, the proposed scheme improves detection efficiency and accuracy and reduces the false positive rate.
