| With the rapid development of the mobile Internet and the continued popularity of wireless networks,mobile phones have become a part of people's lives.At present,the mobile phone system is dominated by IOS and Android.Among them,the Android system is popular with developers because of its features like open source,convenient development,and free of charge.At the same time,the number of Android users are getting more enormous due to the factors like richness of device prices and good extensibility of the platform.The current Android market share has exceeded 80%.However,Android's high market occupancy and its open source have attracted the attention of many malicious application developers.They spread malicious applications through the Internet and app stores,which made the Android market in chaos.These malicious applications not only can cause personal harm to users,but also threaten the security of enterprises and the country,and seriously affect the sound development of the Android market.How to efficiently and accurately detect malicious applications is a problem which needs to be resolved quickly when facing the situation that a large number of malicious applications are existing on the Android platform.This research focuses on the detection of malicious applications in Android system.First of all,the development of the Android system is briefly introduced and the Android system architecture and the Android security mechanism are described in detail.Then the types,threats and spreading ways of malicious Android applications are introduced.At last,this paper introduces the decompile and machine learning of Android application.And the relationship between detection of malicious Android applications and machine learning is elaborated.In order to further improve the detection accuracy,this paper proposes a malicious Android application detection model based on an improved Support Vector Machine(SVM).Based on the SVM,the model extracts the Android application permission information,and uses the Relief algorithm to filter the features so as to reduce the number of features and remove redundant features.Experiments show that classifiers generated by using the filtered features have better classification effects.In addition,the model uses genetic algorithm(GA)to obtain the approximate optimal model parameters of SVM,and uses this parameter to build a malicious Android application detection model.The experimental results show that the improved SVM model using Relief and GA can effectively improve the detection accuracy and reduce the false alarm rate. |
PDF Full Text Request