Research And Implementation Of Malware Detection Technology For Android Based On Static Features

With the rapid development of mobile Internet,as the mainstream mobile system,Android has occupied about 83% of the global market in 2017.However,the open source and fragmentation features of Android system give attackers more opportunities for exploits.Attackers can obtain personal privacy information through malicious behaviors such as rogue behavior,malicious deduction,tariff consumption,and remote control,which make Android users face great trouble and risks.Android malware detection technology has become a hot topic.Motivated therefby,this thesis studies the Android system malware detection technology based on static features,and extracts and analyzes the static permissions and API information from reversed Android software so as to detect malware as early as possible.The main work of this paper is summarized as follows:(1)Firstly,this thesis proposes an Android malware detection technology based on static permission features.After extracting the permission features of a large number of APK samples and optimizing the preprocessing,the three machine learning algorithms,i.e.,logistic regression,SVM and random forest,are employed to learn the permission features extracted from a large number of APK samples.In this way,an APK sample classifier is obtained to classify unknown APK samples accurately and quickly,so as to perform the malware detection.Moreover,the malware detection results of three machine learning algorithms are analyzed and compared.(2)To further improve the detection accuracy of the APK sample classifier,a malware detection technology which combines permissions and API features is proposed.On the basis of extracting the permission characteristics of the APK sample,the API features of the APK sample are also extracted.Then the feature fusion method is employed to fuse the permissions and API features,obtaining the optimized fusion features.Furthermore,the three machine learning algorithms are reused to learn the merged features,so as to gain a more strong APK sample classifier.Finally,the classification experimental results show that the random forest outperforms the other two algorithms in terms of accuracy.(3)An Android malware detection prototype system based on static features analysis is designed and implemented.The system can perform the Android malware detection online.The experimental results show that the detection accuracy is about 92.98%,outperforming the BP neural network algorithm.Finally,summarize the full text and look forward to the next step.