Android Software Malware Detection Based On Hadoop

In the current smartphone market, Android occupies a large market share, and due to itsopenness and flexibility, Android smartphones is very easy to become the first target of the attacker,personal mobile security has become the most concern for users. Smartphones have a variety offeature-rich, user-friendly mobile applications. They enrich the functionality of the smartphonewhile enhancing the user experience. These applications are distributed via online applicationstores called app markets. These markets have lowered the entry barrier allowing users to easilydiscover and download new apps. On the flipside, it has also provided an easy distribution methodfor malware. With the rapid growth of the Android mobile malware, Android mobile is an urgentneed to protect their mobile security solution. In this paper, the main research content is as follows:First of all, we analyzes the android platform architecture and security mechanism and way ofmalware attacks, then from three aspects we expounds the characteristics of malicious software-sensitive API, system command line and permissions list. Because most Android applications arelack of the source code, in this article, through reverse engineering to obtain the source code, andon the basis of the source code to extract the characteristics of the three aspects of the Androidapplications, at the same time introducing mutual information for feature selection, finally Androidmalware detection based on support vector machine (SVM) model is established.Second, with the growing of Android users, the number of Android applications is growing.In the face of large number of Android applications, feature extraction speed is slow, affect thefinal test. Using the Hadoop platform for distributed parallel processing, we implement the androidapplication feature extraction.Finally, in view of the disadvantage of traditional SVM training extremely slow under thebackground of big data, we design a parallel support vector machines SVM model based onmultistage iterative, and on Hadoop platform to realize the Android malware detection algorithmbased on parallel SVM. The algorithm uses the MapReduce principle divides the data into severalsmall training set, iterative training SVM model, get every local support vector, the finalcomposition of the global support vectors, enabling parallel SVM training results.According to proposed above, we conducted simulation experiments and effectively analyzesthe results and advantages of reasonable verification program.