
Detecting Method Of Malware In Android

Posted on: 2019-11-08 | Degree: Master | Type: Thesis
Country: China | Candidate: Z L Zeng | Full Text: PDF
GTID: 2428330572498235 | Subject: Information security
Abstract/Summary:
The 360 Security Center reports that Android has the largest number of users among all mobile smart-terminal platforms worldwide, and that the number is still growing. Meanwhile, as Android has become popular globally, a large amount of Android malware has been appearing in Android app markets. This malware can bypass Android's security mechanisms and carry out multiple malicious behaviors, which puts Android owners' information security under great threat. To mitigate the threats posed by Android malware, three machine-learning-based detection methods are designed: static detection, dynamic detection and hybrid detection.

(1) Static detection combines static analysis with machine learning. First, we built a malicious feature library from programming experience, the class and method documentation on the Google Developer website, static analysis of 4317 Android malware samples, and InfoGainAttributeEval. Second, we extracted feature vectors based on the malicious feature library. Finally, we used the feature vectors and an SVM classifier to detect Android malware.

(2) Dynamic detection combines dynamic analysis with machine learning. First, we derived feature vectors from the changes in device state observed while Android malware executes on a phone. Second, we wrote test cases to trigger the malware. Finally, we used the feature vectors and a classifier to detect Android malware.

(3) Hybrid detection combines static detection and dynamic detection. Static detection is used as the first stage and dynamic detection as the second stage, in order to reduce the false positive rate of static detection and shorten the time consumed by dynamic detection.

Experimental results show that static detection detects Android malware effectively, and that feature vectors based on InfoGainAttributeEval detect Android malware more efficiently than those based on CfsSubsetEval and ConsistencySubsetEval. Dynamic detection based on test cases and the feature vectors detects Android malware effectively while keeping the false positive rate low. The hybrid method maintains detection accuracy, reduces the false positive rate of the static method, and shortens the time consumed by dynamic detection.
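
The feature-selection step of the static method, as an added example that is not code from the thesis: it ranks binary features by information gain (the measure Weka's InfoGainAttributeEval computes), keeps the top-ranked ones as the feature library, and encodes an app as a feature vector. The sample apps, labels and feature names are constructed assumptions; the abstract does not list the features the thesis used.

```python
import math
from collections import Counter

# Constructed sample set: (features present in the app, label). Feature names
# are illustrative assumptions; the thesis abstract does not list its features.
SAMPLES = [
    ({"SEND_SMS", "READ_CONTACTS", "INTERNET"}, "malware"),
    ({"SEND_SMS", "INTERNET"}, "malware"),
    ({"SEND_SMS", "READ_CONTACTS"}, "malware"),
    ({"READ_CONTACTS", "INTERNET"}, "malware"),
    ({"INTERNET"}, "benign"),
    ({"INTERNET", "CAMERA"}, "benign"),
    ({"CAMERA"}, "benign"),
    ({"READ_CONTACTS", "INTERNET"}, "benign"),
]

def entropy(labels):
    """Shannon entropy H(C), in bits, of a list of class labels."""
    total = len(labels)
    return -sum(n / total * math.log2(n / total) for n in Counter(labels).values())

def info_gain(samples, feature):
    """IG(C; F) = H(C) - H(C | F) for a binary present/absent feature."""
    gain = entropy([y for _, y in samples])
    for present in (True, False):
        subset = [y for feats, y in samples if (feature in feats) == present]
        if subset:  # an empty split contributes nothing to H(C | F)
            gain -= len(subset) / len(samples) * entropy(subset)
    return gain

def build_feature_library(samples, top_k):
    """Rank every observed feature by information gain and keep the top_k."""
    features = sorted({f for feats, _ in samples for f in feats})
    ranked = sorted(features, key=lambda f: (-info_gain(samples, f), f))
    return ranked[:top_k]

def to_vector(app_features, library):
    """Binary feature vector in library order, the input form for an SVM."""
    return [1 if f in app_features else 0 for f in library]

if __name__ == "__main__":
    library = build_feature_library(SAMPLES, top_k=3)
    for name in library:
        print(f"{name}: {info_gain(SAMPLES, name):.3f} bits")
    print(to_vector({"SEND_SMS", "INTERNET", "CAMERA"}, library))
```

Information gain is direction-agnostic: in this constructed set `CAMERA` ranks second because it appears only in benign apps, and `INTERNET` scores zero because it is equally common in both classes.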
Keywords/Search Tags: Android Malware, Static Analysis, Dynamic Analysis, Machine Learning