Android Security Research Based On Feature Importance

With the development of mobile Internet,mobile devices have become an important part of people's lives.The Android platform has developed rapidly due to its openness and diversification.But at the same time,Android users are also threatened by more and more malicious applications.More than just malware,even Android apps in the app market may have the problem of stealing user privacy.At present,the research on the security of Android software is gradually deepened,but the problems of different application characteristics of different categories are rarely considered.For example,communication social application software usually needs to apply for READ CONTACTS permission to obtain the user's social relationship,but if the news reading software applies for the permission,there may be a problem of swollen authority.If the normal software contains the permissions that it should not have,it may leaks user's privacy,and it is difficult for ordinary users to distinguish whether the various permissions applied by each application are normal in a mass application.In view of the shortcomings of the existing research,this thesis considers that different types of applications have different behaviors,and the authority that they need applies for are also different,uses the machine learning method to detect the security of Android applications.The main research work is as follows:Firstly,the thesis uses the logistic regression algorithm and the random forest algorithm to classify Android applications,and analyzes the importance of different features in the two algorithms.The experimental simulation results in a detection rate of 94.9% and a multiclassification accuracy of 89.2%.Secondly,combining with the characteristics of logistic regression algorithm and random forest algorithm,a linear model construction method is proposed to improve the accuracy of malware detection.In this thesis,different models are used to construct the linear model.The experimental simulation results in a detection rate of 95.0% and a multi-classification accuracy of 91.4%.Third,based on the linear detection model constructed in this thesis,this thesis proposes an Android software security detection model.The model not only detects whether the application is malware,but also detects whether the application has an abnormal permission application behavior by analyzing the permission characteristics of the application and the feature importance of the category to which the application belongs,thereby achieving the purpose that detecting whether the benign software authority is override.Finally,this thesis designs and implements the Android software security detection system.The system uses the model built in this thesis to detect the user-uploaded APK,and the test results feedback the specific classification of the application and the possible privacy leakage behavior.