Permission-based Android malicious software hybrid detection method

A malware and detection method technology, applied in the fields of instruments, electrical digital data processing, platform integrity maintenance, etc., can solve the problems of unsatisfactory application detection effect, long detection time, false positive detection results, etc., to achieve behavior detection analysis method Perfect and accurate, fast detection effect

Inactive Publication Date: 2015-08-26
TIANJIN UNIV
View PDF6 Cites 26 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Permission-based detection methods are fast and efficient in some cases, but the detection effect is not ideal for applications with inconspicuous features; behavior-based detection has the characteristics of large amount of information collection ...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Permission-based Android malicious software hybrid detection method
  • Permission-based Android malicious software hybrid detection method
  • Permission-based Android malicious software hybrid detection method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0016] The specific embodiments of the present invention will be described in detail below with reference to the accompanying drawings. If these embodiments have exemplary contents, they should not be construed as limiting the present invention.

[0017] The present invention proposes a permission-based hybrid detection framework: 1) firstly perform preliminary detection according to the permission applied for by the application to detect benign applications and malicious applications; then track the behavior of suspicious applications, and collect interface calls related to sensitive permissions for detection , and then determine the application type; 2) Introduce a space vector model. When detecting suspicious applications, the application is algebraicized according to the collected sensitive information, and a vector space model is introduced to represent the application; 3) Euclidean distance and cosine similarity methods are used. The Euclidean distance and cosine similar...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a permission-based Android malicious software hybrid detection method. The method comprises the following steps: steps one, decompiling an Android application program and obtaining application program application permissions; step two, combining a system setting permission to carry out permission detection on the application program application permissions; dividing all applications to be detected into a kind application set, a malicious application set and a suspicious application set according to the difference of the conditions of the application program application permissions; step three, dynamically acquiring and detecting the behaviors of the application programs in the suspicious application set, collecting interface calling related to sensitive applications, giving vector space representation, and performing application program vectorization; step four, obtaining the detection result of kind application programs meeting safety detection standard through safety detection. Compared with the prior art, the permission-based Android malicious software hybrid detection method integrates two affecting factors of euclidean distance and cosine similarity, and the obtained detection result is more comprehensive and higher in accuracy.

Description

technical field [0001] The invention relates to the fields of computer network and computer security software security detection and mobile terminal security, in particular to the verification of fairness and non-repudiation of a security exchange protocol. Background technique [0002] With the rapid development of mobile communication technology and mobile hardware devices, people rely more and more on smartphones in their daily work and work, and the market share of Android has grown rapidly. As a mainstream mobile smart operating system, Android allows users to download and install third-party applications to meet user needs. However, due to the lack of supervision and management of third-party markets, the number of malware and its variants on the Android platform continues to increase. This phenomenon poses a huge threat to the security of the Android platform. [0003] The rising market share of Android and the rapid growth in the number of Android malware have made...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/56
CPCG06F21/563G06F2221/033
Inventor 李晓红赵仁焦浩峰胡静许光全
Owner TIANJIN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap