| Android system has become the world's most widely used mobile operating system with the largest market share due to its openness and complete ecological environment.However,the problem following is that it has also become a fertile ground for all kinds of malicious applications.The effective identification of Android malware has become an urgent problem in the area of mobile security.Researchers generally use machine learning technology to detect malware,but there are flaws in model ensemble methods as well as the selection of feature types and feature selection methods.In addition,the related studies are not practical enough due to a lack of information about applying the detection method to practical.Based on machine learning,this thesis proposes a complete set of closed-loop methods for automatic malware detection in terms of Android malware detection scenario,which is able to solve the deficiencies in related studies.The thesis includes two parts.A reliable malware detection model proposed first.This thesis designs a severity algorithm to screen out the high-risk security vulnerabilities of the application,in combination with the widely used N-gram opcode and traditional static information as features.The TIOE algorithm designed by this thesis and traditional embedded methods are considered for feature selection.Six basic classification algorithms with better performance are selected as the base model.Dynamic ensemble selection and Stacking are used as ensemble learning method to obtain the final classification model.In the second part,an automatic detection method directly applied to mobile phones is provided.Based on the transformation of the Android system's inherent installer,in combination with a bridge application and other service,the application can be automatically detected when it is installed on the mobile phone.The feedback and self-adaptive installation greatly increase the automation and practicability of the detection method,which can also explement the gaps in the relevant research.Finally,this thesis makes a horizontal comparison of various indicators between the proposed model and other methods in related research.The results show that the detection model proposed in this thesis has better performance.The automatic detection method has been tested to simulate the reality as much as possible,which verifies the effectiveness and reliability of the method.Therefore,the results in this thesis would be valuable for the model design and method implementation in the area of Android malware detection. |
PDF Full Text Request