Design And Implementation Of Malware Detection System Based On Android Platform

Today,the Android system accounts for more than 70%of the smartphone market.With the continuous development of the Internet of Things,the Android system is applied to smart watches,TVs,refrigerators and other devices.The Android system brings great convenience to people's lives,and it also makes people more vulnerable to malware.Major Internet security companies(such as McAfee,360)have released reports on Android malware,which indicates that Android malware is constantly changing,and new categories are emerging rapidly.Researchers have also noticed the dangers of Android malware,and they have invested in the research of Android malware in order to fight them.In the process of investigating the Android malware detection methods proposed by different researchers,this paper finds that the researchers use many kinds of features(such as permissions,system calls,special strings,network traffic records,user interaction sequences,etc.).Possible feature vector space size up to several hundred thousand.The feature vector space that may be involved is up to several hundred thousand,so feature selection is necessary in Android malware detection.At the same time,this paper finds that the feature selection algorithm commonly used by researchers is the information gain feature selection algorithm,which contradicts the imbalance of experimental data used in Android malware detection.Therefore,this paper proposes a new feature selection algorithm EFA(Entropy-based Feature Availability),which is more suitable for Android malware detection.At the same time,the experiment is designed to verify the effect of the proposed EFA feature selection algorithm.The experimental results show that the average classification accuracy of the EFA feature selection algorithm in the 48 comparative classification experiments is 0.92,and the average variance is 4.2E-05.The average classification accuracy obtained by the information gain feature selection algorithm is 0.93,and the corresponding average variance is 4.92E-05.It shows that the EFA feature selection algorithm proposed in this paper is more stable than the information gain feature selection algorithm while ensuring the classification effect.It is very suitable for the Android malware detection with extremely imbalance data set distribution.Finally,based on the proposed EFA feature selection algorithm,250 features are selected as classification features,and the classification model is trained.The model obtains 98%accuracy on the data set of this paper.Then this paper designs and implements a malware detection system based on Android platform,which takes this model as the core.The system is divided into two applications,one is the application of the Android platform,and the other is the application of the Web.This system can quickly detect applications on Android devices,and provide more comprehensive detection of applications through the server.