Design And Implementation Of Android Parallel Virus Detection System Based On Deep Learning

With the popularity of Android,many Android-based smart devices have gradually become a breeding ground for malware.Malware continues to harm the interests of users by stealing their property and private information.This dissertation proposes a hybrid detection framework,which combines static detection and dynamic detection.In the aspect of static detection,a multi-label family classification method based on deep learning for generalized permissions sequence mining is proposed.In the aspect of dynamic detection,this dissertation cites and optimizes the work of predecessors with the purpose of reducing detection time.The hybrid detection framework is used to detect whether the target application belongs to some malware family.This dissertation first introduces the architecture of Android operating system,security mechanism,and the way of virus transmission.Then it introduces some basic knowledge on deep learning.After that,this dissertation migrates the multi-label classification problem of natural language processing to virus detection.Based on the minimum permission mechanism,a static detection method based on permission sequence mining is proposed.This method aims to infer the use of the application by mining the permissions of it,thereby inferring the family of it.A large number of label samples are needed because of using deep learning.This dissertation summarizes the different names of similar family which is used by many detection engines,and it solves the confusion of family naming.A multi-tagging method based on the voting results of the detection engine is proposed.In the aspect of classification,the multi-label classification model used in this dissertation solves the problem that a single virus which has multi-family behaviors cannot be completely detected because most other existing engines can only get one family.The model has achieved higher accuracy on a semi-public data set comparing with the current popular machine learning models.This method is equally applied to the classification of black and white samples.Experiments show that this method is more accurate than most current detection engines.In the aspect of dynamic detection,this dissertation optimizes the isomorphism algorithm of object reference graph in engineering by dividing the matching state space,and changing it to parallelization,thus reducing the detection time.The hybrid detection framework proposed in this dissertation can effectively solve some existing problems,such as promiscuous code,too long detection time and the low detection accuracy.This dissertation finally put the hybrid detection framework into effect.The overall detection system can achieve high accuracy in a short time.