Research And Implementation Of Android Malware Detection Technology Based On Multi-dimensional Visual Analysis

In recent years,mobile Internet and Internet of Things have been widely supported in the government and business areas,and the number of Android OS users and software has exploded,followed by massive malware.Security issues have long threatened the property and information security of Android users,such as privacy theft,malicious deduction and extortion fraud.Therefore,how to quickly and effectively detect malicious software is an urgent problem.Limited by the limited computing resources,the traditional Android malware detection method has the disadvantages of difficult reverse engineering,cumbersome file preprocessing,and high time and space complexity.With the wide application of artificial intelligence in many fields,malware detection technology based on visual analysis and deep learning is becoming more and more mature.However,the image features generated by these visualization analysis methods are single and lack of interpretability.The calculation amount and weight file of the large-scale convolution neural network model are large,which is not suitable for the mobile terminal with limited calculation.In order to solve the above situation,the research content of this paper mainly includes the following three points:(1)The advantages and disadvantages of traditional malware visualization algorithms are analyzed,and Files Mapping to RGB Three-channel visualization algorithm based on three Android feature files is proposed to increase the information content of image pixels and improve the correlation between channels.This method avoids the processing of Android software,and can effectively overcome the problems caused by confusion technology for Android software detection.Different visualization algorithms are used to analyze the difference of images generated by different family malwares and the similarity of images generated by the same family.The experimental results show that the images generated by this algorithm have higher identifiability.(2)Aiming at the shortcomings of small storage space and low computing power of Android platform,an improved lightweight convolutional neural network model suitable for Android malware detection is proposed.Combined with Files Mapping to RGB Three-channel visualization algorithm,a deep learning framework for Android malware detection and malicious family discrimination is designed.CIC dataset and Drebin malware family dataset are used for experiments.Finally,the model in this paper achieves 95.31 % and 92.69 % accuracy on the two datasets,respectively.(3)Through the above research content,the Android malware detection online system is designed and implemented.The system can quickly determine whether the detection object is malware or analyze the types and families of malware.The average detection time is less than 2 seconds,and the error rate less than 7%.All detection objects will be stored in the database for researchers,which proves the practical application of this study.