Population-based Android Security Risk Assessment And Malicious Application Detection

In the security problem of Android system,the rationality of permission invocation of Android application is an uncertain problem.Whether some permissions exceed the scope of the application itself,and whether some privacy permissions will cause users' privacy disclosure.It is difficult to determine the rationality of the application authority from the perspective of a single application.At the same time,in Android security issues,the malicious nature of the application is closely related to the permission of its application.The permissions applied by applications are important objects for security assessment and detection.Similar applications have similar functions,thus forming similar privilege requirements.Compared with the individual level of independence,the application of population is related.This paper studies from the perspective of population to overcome the problem that it is difficult to judge the rationality of Android application permission calls from the individual perspective.Referring to the concept of population in biology,this paper proposes a population-oriented method for large-scale Android application evaluation and malicious application detection.The main work is as follows:(1)Population-oriented Android application privacy disclosure risk assessment.The existing Android application evaluation methods mainly consider the accuracy of evaluation and neglect the efficiency of evaluation.Moreover,most of the existing methods mix different functional types of applications together to build data sets,without considering the differences between application functions.To solve the existing problems,this paper proposes a population-based risk assessment method for Android application privacy leakage,which can provide assessment services for large-scale applications at the same time.Through the analysis of group characteristics and population clustering,the risk assessment of large-scale application privacy leakage is carried out efficiently.The experimental results can provide users with reference for download recommendation and application software permission settings.(2)Malicious application detection of Android population based on ensemble learning.The malicious nature of the application is closely related to its application authority.Aiming at the shortcomings of malware detection technology,such as missed report,long detection cycle due to redundancy of features,unstable detection rate due to imbalance of benign and malicious samples,an Android malicious application detection method based on ensemble learning is proposed for population.To improve the accuracy and detection rate of malicious application detection,detection work should be carried out from the group perspective.Using chi-square test and information gain algorithm,feature selection before classification detection can remove a large number of redundant features and improve detection efficiency.With the population as the detection unit,the detection rate of malicious applications can be improved without population division.At the same time,the improved SVM algorithm and the improved Naive Bayesian algorithm are used to compose an integrated classifier,which further improves the detection rate of malicious Android applications by multi-model voting on the basis of population.