Research On Multi-classification Scheme Of Android Malware Family

With the rapid development of the mobile Internet,mobile phones have become the main equipment for people to access the Internet;in the mobile operating system,Android accounted for 82.8%.While the Android operating system is popular,it has also become the main target of hacker attacks;correspondingly,the research of Android security field has attracted more attention.Existing research focuses on the distinction between Android malicious applications and benign applications.There is less concern about the family classification of Android malicious applications,and simply detecting malicious applications cannot completely prevent its harm.Therefore,studying the multi-classification problem of Android malicious application families can help detect and prevent the harm of malware,and has a positive effect on the security of Android system.The work of this thesis is as follows:1.The method of color visualization Android application was proposed and implemented,and combined with deep learning,experiments were carried out on the classification of malicious families.Aiming at the research of gray-scale visualization images in the classification of malicious applications,and its insufficiency in combining deep learning techniques,a new classification method is proposed by using color visualization images.The effectiveness of the color visualization method is verified by comparison with the grayscale visualization method.2.The effects of different features on color visualization classification were further studied.Color visualization using different features improves the accuracy of Android malicious family classification.The effects of three different characteristics on the accuracy and efficiency of family classification were verified.The optimal feature selection at the current stage is obtained through experimental data.3.Designed and implemented a multi-classifier for the Android malicious application family,which can classify 131 families.In view of the difficulty in classifying malicious families,it is difficult for existing methods to achieve higher accuracy in the case of multiple families and overlapping family features.Using color visualization combined with convolutional neural networks or deep residual networks,we tested the accuracy of two deep learning algorithms in 50 malicious application families and 13 1 malicious application families,and finally realized multi-family classifiers,achieving 96.36%classification accuracy,able to effectively classify Android malicious application families.