Research On Android Malware Static Detection Model Based On Application Classification

Since Google released the Android 1.0 system in 2008,the Android system has been sought after by the major mobile phone manufacturers,software developers and telecom operators with its openness.After 10 years of continuous development,the current Android mobile phone market share has been Nearly 90%.Due to its openness and huge market share,Android mobile phones have become the hardest hit by hackers.All kinds of malware causes serious information leakage and huge security threats to users.In this context,many researchers have joined the ranks of Android malware detection research.It summarized the advantages and disadvantages of current research at home and abroad,and proposed an Android malware static detection model based on application classification for the problems of low classification accuracy and low detection rate in Android malware detection.Firstly,in order to improve the detection rate for malware,it divided the Android software samples into different sample spaces based on the software categories in the application market.For all samples under a single application category,the Permission information,Intent information,and Component information that were applied during Android software installation were extracted as features,and they were quantified to construct an experimental data set.Secondly,in order to improve the effectiveness of subsequent classification detection,it proposed an IG-ReliefF hybrid feature screening algorithm.It searched feature subsets from all features based on IG and ReliefF algorithms,then used a Wrapper algorithm based on Support Vector Machine to score feature subsets,and finally selected the feature subset with the highest score.In addition,aiming at the problem of unbalanced sample data of Android software,a Bagging-SVM classification detection algorithm was proposed.Multiple balanced data sets were constructed through bootstrap sampling and used to train the SVM integrated classifier based on the Bagging algorithm.Then the Android malware detection was performed through the integrated classifier.Finally,The experimental results show that the classification accuracy anddetection rate of the model are 98.6% and 97.5% respectively under the reading software samples.Compared with the case where the application is not classified,the classification accuracy is improved by 1.3%.At the same time,compared with the MalAware method that uses the same malicious sample set,the model still has a higher classification accuracy and detection rate.