Research Of Android Malware Detection Technology Based On Machine Learning

In recent years,with the continuous development of the mobile Internet,mobile devices have gradually become a part of people's lives,bringing great convenience to people's lives and work.The Android operating system has attracted most users and third-party developers due to its open source and freeness,occupies most of the operating system market.But many malware has followed.A variety of malware behaviors bring a lot of security issues,such as stealing users' privacy and causing economic losses to users,etc.The detection of Android malware has become especially important.With the continuous maturity of machine learning technology,it has become a hot technology for Android malware detection.However,there are still some problems such as low detection accuracy and high false positive rate.It is of great theoretical significance to study Android malware detection technology based on machine learning.Value.The main research work of this paper includes:(1)This paper introduces the research background and significance of Android malware detection,analyzes the application situation of mobile devices and mobile phone operating systems at home and abroad,and the development of Android malware,summarizes the research status of Android malware detection technology at home and abroad.It summarizes the theory related to Android system and the machine learning algorithm commonly used to detect malware.(2)For the problem that the selection of some parameters and parameter combinations in the Xgboost algorithm is easy to lead to the degradation of the classification efficiency of the detection method,we study the Android malware detection method based on ACO-Xgboost.Due to the adaptability and the global optimization ability of Ant Colony Optimization(ACO),it is introduced to optimize the parameters of Xgboost,and get the optimal parameter combination for Android malware detection.By extracting the three characteristics of permission,intent and API to obtain the optimal feature set.We design the experiment to compare with Particle Swarm Optimization(PSO)and Genetic Algorithm(GA),and analyze experimental data of the detection accuracy and false positive rate.(3)Aiming at the problem of unrelated feature masking abnormality in Android malware detection process,we study Android malware detection method based on DBN-Xgboost,and introduce deep Belief Network(DBN)for feature learning.We use DBN to construct feature learning module of the malware detection model and reduce feature dimension through unsupervised learning,and use Xgboost to detect and classify Android malware.Related experiments were designed and experimental data analysis of the classification was performed.The innovations in this article include:(1)An Android malware detection method based on ACO-Xgboost is proposed.The method uses ACO to optimize the Xgboost algorithm,so that Xgboost obtains the optimal parameter combination.The experimental results show that the detection accuracy of this method is 3% and 0.88% higher than that of GA-Xgboost and PSO-Xgboost classification methods respectively.The rate of false positives is also lower than the other two methods.(2)An Android malware detection method based on DBN and Xgboost is proposed.This method uses DBN to learn the features of Android malware,and obtains a feature set with good feature expression for the detection and classification of Android malware.The experimental results show that the method is 0.91% higher in classification accuracy than Xgboost alone.It is 1.66% higher than DBN,and is also higher than SVM and GDBT classification algorithms.It also has good detection effect in terms of false positives rate.