Android Malware Detection Method Based On Model Library

Because the use of APP privacy permissions is an issue of uncertainty,it becomes difficult to judge the rationality of applying for permissions by a single APP.In Android security issues,the maliciousness of an application is closely related to the permissions it applies for.Applications of the same category have similar functions,which means that system permissions applied for software of the same category are also similar.In this regard,drawing on the concept of population in biology,abstracting the permission features from the perspective of the population,and analyzing the relationship between the population and the rational use of permissions.For population applications,this paper proposes a detection method for Android-based malicious applications based on populations.First,it extracts the permission usage of applications,and then uses the SMO(Sequence Minimum Optimization)algorithm to divide the applications into groups,using the population as the detection unit,and then uses Chi-square test and information gain algorithm remove redundant features.Finally,based on the mapping relationship of the population algorithm found in the experiment,the Android malicious application detection for the population is realized.Experiments show that the detection method of Android malicious applications based on population has high efficiency and effectiveness.In reality,the detection data is often multi-group.Therefore,this paper proposes an Android malware detection method based on a model library.The model library method is to train different algorithms to generate different recognizers as the base model.The base model constitutes the model library,and the cross-combination between the base models forms the model.Iteratively iterates this combination to find the best effect.Combination model.The model library is trained through a large amount of data,so that the combination of the base model is realized by the evolution of the clone selection algorithm.After evolution from generation to generation,the model with the best effect is obtained.After experimental verification,the method in this paper has a good recognition effect on multiple group data.