| 基于权限统计的恶意软件行为分析方法 |
| |
| 引用本文: | 罗文塽,张小志,李磊.基于权限统计的恶意软件行为分析方法[J].邢台职业技术学院学报,2020(1):92-95. |
| |
| 作者姓名: | 罗文塽 张小志 李磊 |
| |
| 作者单位: | ;1.邢台职业技术学院 |
| |
| 基金项目: | 河北省科技厅项目--“基于网络行为分析的移动终端恶意软件智能检测方法研究”,编号:18210705。 |
| |
| 摘 要: | 在Android系统的飞速发展和恶意软件持续大幅增加的情况下,提出了一种基于权限威胁值的恶意软件动态行为分析方法。首先,通过分析权限在应用程序中的必要性计算每个权限在应用程序中的威胁值;然后,根据威胁值大小监控威胁值较大的权限相应的API接口的调用和流向,记录产生流量时的目标IP地址;进而,通过进一步训练,得到正常行为库和恶意行为库;最后,将目标IP地址与正常和恶意IP地址信息进行比较来识别恶意软件。实验结果表明,该检测方法有95.6%的召回率和94.1%的正确率。
|
| 关 键 词: | ANDROID 恶意软件 动态检测 行为分析 |
The Methods to Analyze the Malware behaviors Based on Permission Statistics |
| |
| LUO Wen-shuang,ZHANG Xiao-zhi,LI Lei.The Methods to Analyze the Malware behaviors Based on Permission Statistics[J].Xingtai Vocational and Technical College,2020(1):92-95. |
| |
| Authors: | LUO Wen-shuang ZHANG Xiao-zhi LI Lei |
| |
| Institution: | (Xingtai Polytechnic College,Xingtai,Hebei 054035,China) |
| |
| Abstract: | With the rapid development of Android system and the increasing of malwares,a malware dynamic behavior analytical method based on permission threat value was proposed.Firstly,the threat value of each privilege in the application was calculated by analyzing the need for permissions in the application;Secondly,according to the threat value,the call and flow direction of the corresponding API interface was monitored and the target IP address generated during network communication was recorded;then,the IP address generated during network communication was extracted and normal behavior library and malicious behavior library was obtained by training normal and malicious samples.Finally,malware was identified by comparing the target IP address with normal and malicious IP address information.The experimental results show that the proposed method could reach the recall rate of 95.6%and the accuracy rate of 94.1%. |
| |
| Keywords: | Android malware dynamic detection behavior analysis |
| 本文献已被 维普 等数据库收录! |
|
