As global 3G/4G networks spread rapidly, mobile devices steadily improve and the bandwidth bottlenecks of smart mobile terminals are overcome, malicious mobile applications have proliferated. According to a 2013 report from a security agency, from January to December 763,351 new pieces of malware were found on the Android platform, infecting more than 0.103 billion people; 30,049 pieces of malware were found on the Symbian platform, infecting more than 4.09 million people. Keeping pace with current technology, malware hides itself and steals users' private information in a variety of ways to make illegal profits, and even remotely controls mobile users' smart terminals, forming a black-market industry chain. Security evaluation research covering the huge volume of mobile applications is therefore both necessary and urgent. Current evaluation methods for mobile applications still depend on workers' ability and experience. They focus on vulnerability collection, malicious sample extraction and malicious sample mining, but lack the ability to suppress malicious attacks. This paper is based on research into mobile Internet operating systems. Starting from the multi-behavior attributes of malicious samples, it looks for the lowest balance between false positive rate and false negative rate across several data mining decision models, such as the C4.5 decision tree algorithm, the Bayesian belief algorithm, the neural network model and the two-phase composite gathered classification algorithm, and finally puts forward a multi-attribute decision-making algorithm.
It achieves significant results, and its main contributions are as follows:
1) It studies mobile application data sources and data formats, classifies application behavior attributes, and extracts application models and algorithms. For the security properties of mobile Internet applications (signature attributes, sensitive-string determination attributes and sensitive-function determination attributes), it uses the model to realize model adaptation based on the KNN node algorithm, in order to extract a variety of sensitive information.
2) It puts forward the SCAM model (Selection Classification Algorithm Model), a classification algorithm with a high detection rate and a low false classification rate. The model is used to select, aggregate and prune classification algorithms on demand, and it solves the false-negative problem that arises when classifying with the K-nearest neighbor algorithm. The SCAM decision model does not need to extend the algorithm's detection radius to classify unknown samples. In addition, this paper puts forward a mechanism for forming the initial algorithm based on the largest distance, and a mechanism for handling data noise and overlapping algorithms. It also uses the most simplified model of the algorithm to cover a large number of classification samples and searches for the optimal model of the algorithm through the selection mechanism. Comparison with the existing C4.5 decision algorithm, Bayesian belief algorithm, fuzzy neural network algorithm and two-phase composite classification algorithm proves the superiority of the SCAM expert decision model.
3) Approaching mobile application security from a new perspective, this paper sets out automated rule analysis for huge numbers of samples, which helps to build a malware diagnostic cloud and to suppress the current malware explosion.
4) It proposes a set of models for mobile application security evaluation and establishes an automatic analysis platform for unknown samples based on a distributed architecture, which can be used to evaluate mobile applications. Experiments show that the models, tested on mobile samples, achieve a recognition rate of more than 95.71% on malicious samples, and also recognize obfuscated malicious samples well.