| Android OS(operating system) is the highest market share of the mobile operating system.However, the number of malicious applications also began to increase.Traditional malware detection technology based on the feature code matching can not effectively detect unknown Android applications.At present, data mining algorithm is always used to detect unknown Android applications by extracting characteristic data, but a single machine learning algorithm can not cope with the diversity of Android feature data, or predict the most suitable algorithm of feature data. For these problems, this thesis designed a MDHM detection model based on hybrid algorithm. The main research contents and results are as follows:(1) This thesis did an in-depth study of Android security mechanism, and made some comparison with technology about malicious acttacks and malware detection.This thesis also analyzed the common attacks of malicious application technology,and introduced the existing malicious behavior detection technology,including their advantages and disadvantages.(2) This thesis described Android application feature data extraction method based on static analysis and dynamic analysis. The static method can extract the feature data such as authority, third party library and so on. The dynamic analysis can bypass the obfuscated code problem and detect the malicious behavior when running. In this thesis, the dynamic analysis efficiency is improved based on the UI layout flow.(3) A hybrid algorithm based detection model MDHM is proposed to automatically select the best machine learning algorithm for different types of applications feature data. It can avoid the limitation of single data mining algorithm in solving multi class feature data.This thesis proposed an Android malware detection model based on hybrid algorithm,which realized by python and scikit-learn machine learning tools, and the validity of the model is verified by experimental data. |
PDF Full Text Request