| With the vigorous development of 5G,Internet and mobile terminal technology,not only has greatly promoted the informatization process of human society,but also made mobile phones an extremely important part of human daily life.The increasingly abundant mobile phone applications are not only greatly enriched.It has improved people's spiritual life and brought great convenience to mankind.In the current mobile phone market,Android devices dominate the mainstream market share.In 2019,Android's global monthly active devices reached 2.5 billion units.However,at the same time,the security issues of the Android system have also received increasing attention.The Android system is suffering from various types of malicious software.People's privacy and property will be infringed.Any malicious software targeting Android will be quickly affected by the large number of Android users Spread,so the detection of Android malware becomes particularly important.In this context,the paper has done the following tasks:(1)First of all,from the background,I studied the basic architecture of Android,the classification of malware,the status quo,and the new technologies emerging from malware today.Also studied various detection schemes of malware and the principles of several machine learning algorithms.(2)By studying the current mainstream malware detection methods,it is found that static detection techniques can be bypassed by techniques such as code obfuscation.In response to this problem,dynamic detection methods are adopted,and a dynamic detection scheme based on system calls is proposed,and the entire scheme is explained in detail.For the specific function and implementation details of the module,this article has found a way to construct a feature vector,using 192 system calls as its features,and designed the structure of the entire log collection system.Based on the research of multiple machine learning algorithms,three machine learning algorithms,XGBoost,LightGBM,and MLP,are selected.(3)Build a complete Android malware detection system.Created an Android sample library.Experiments are used to verify the effects of the three machine learning models of XGBoost,LightGBM,and MLP.The experiment found that the MLP model using principal component analysis has the highest accuracy rate,which can reach 97.4%.According to the Voting principle,the model fusion of XGBoost,LightGBM,and MLP models can achieve a higher accuracy of 98.1%;at the level of detection time,the LightGBM model with feature selection has the fastest time to achieve 0.0045s,the two have their own advantages and can be applied in different scenarios. |
PDF Full Text Request