
A Graph-based Malware Detection Method And System Implementation

Posted on: 2018-07-11
Degree: Master
Type: Thesis
Country: China
Candidate: W Zhang
GTID: 2348330518483398
Subject: Education Technology

Abstract/Summary:
The emergence of a large number of Android apps has made learning and daily life more convenient, but it has also brought serious mobile security problems. As the concept of mobile learning takes hold, mobile learning apps are widely used. These apps are vulnerable to attack by malware, while mobile learners are increasingly young and numerous, and students lack security awareness and self-control. As a result, students can suffer disclosure of information and resources, and even online fraud and harmful inducement. Malware detection for mobile learning apps therefore deserves more attention. However, because of the low barrier to entry and minimal requirements of the Android application market, the amount of malware keeps growing, variants are abundant, and anti-detection techniques keep developing, all of which make malware detection very challenging. In the Big Data era it is therefore very important to find more efficient malware detection methods.

This paper analyzes current Android malware detection research at home and abroad and concludes that traditional malware detection methods have the following problems: they do not scale to massive numbers of samples, and they cannot find unknown malware. It also examines graph-based malware detection and finds it more efficient. To address the problems of traditional methods, the paper proposes a malware detection method based on the relationships between samples. The work is as follows.

First, it proposes a code relationship model based on code similarity. After comparing and analyzing a variety of algorithms, it uses the Simhash algorithm to measure the text similarity of the code, the SIFT algorithm to measure the similarity of icons, and edit distance to measure the similarity of sensitive strings; together these characterize the similarity of the code. The code relationships are modeled as a graph in which each node is a code sample and the similarity is the weight of the edge between nodes.

Then, based on the code relationship model, it proposes a graph-based malware detection algorithm. Working on the code similarity graph and combined with the label propagation algorithm, the method uses the associations between code samples: maliciousness is propagated between a sample and its neighbors over successive iterations in order to detect malware. Experiments show that the algorithm is accurate and that its running time is linear, so it can scale to massive numbers of code samples and is an efficient detection technique.

Finally, based on the above algorithm, it designs and implements a graph-based malware detection system. The system models code relationships by similarity, stores them in the graph database Titan, runs the label propagation algorithm for detection, and uses front-end visualization to show the relationships between samples. Testing shows that the graph-based malware detection system can find unknown malware.

The malware detection algorithm proposed in this paper has high accuracy and, to a certain extent, solves the problems of current malware detection algorithms. It changes the traditional detection model, can detect unknown malicious samples, and scales to massive numbers of samples. Future work intends to take more code characteristics into account.
Keywords/Search Tags:Malware detection, Code similarity, Graph, Label propagation algorithm
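
The pipeline the abstract describes can be sketched as follows. This is an added example, not code from the thesis: it covers only the Simhash text-similarity feature (not SIFT icon matching or edit distance), and the token hashing, the 0.8 edge threshold, the 0.5 starting score and all sample names are assumptions.

```python
import hashlib
from itertools import combinations

BITS = 64

def simhash(tokens):
    """Simhash fingerprint: per-bit vote over the hashes of all tokens."""
    votes = [0] * BITS
    for tok in tokens:
        digest = hashlib.blake2b(tok.encode(), digest_size=8).digest()
        h = int.from_bytes(digest, "big")
        for i in range(BITS):
            votes[i] += 1 if (h >> i) & 1 else -1
    return sum(1 << i for i in range(BITS) if votes[i] > 0)

def similarity(fp_a, fp_b):
    """1.0 for identical fingerprints; falls as the Hamming distance grows."""
    return 1 - bin(fp_a ^ fp_b).count("1") / BITS

def build_graph(samples, threshold=0.8):
    """samples: name -> token list. Edge weight = Simhash similarity."""
    fps = {name: simhash(toks) for name, toks in samples.items()}
    graph = {name: {} for name in samples}
    for a, b in combinations(fps, 2):
        w = similarity(fps[a], fps[b])
        if w >= threshold:  # assumed cut-off, not a value from the thesis
            graph[a][b] = graph[b][a] = w
    return graph

def propagate(graph, seeds, rounds=50):
    """seeds: name -> 1.0 (known malicious) or 0.0 (known benign).
    Unlabeled nodes start at 0.5 and take the weighted mean of neighbours."""
    score = {n: seeds.get(n, 0.5) for n in graph}
    for _ in range(rounds):
        nxt = {}
        for n, nbrs in graph.items():
            if n in seeds or not nbrs:
                nxt[n] = score[n]  # labels stay clamped; isolated nodes stay unknown
            else:
                total = sum(nbrs.values())
                nxt[n] = sum(w * score[m] for m, w in nbrs.items()) / total
        score = nxt
    return score

if __name__ == "__main__":
    # Constructed token lists standing in for features of decompiled code.
    samples = {
        "known_bad": ["sendTextMessage", "getDeviceId", "loadDex", "exec"],
        "variant": ["sendTextMessage", "getDeviceId", "loadDex", "exec"],
        "unrelated": ["onCreate", "setContentView", "findViewById", "toast"],
    }
    print(propagate(build_graph(samples), {"known_bad": 1.0}))
```

Each round touches every edge once, so the cost per iteration grows linearly with the number of edges kept after thresholding.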