Combined With Dynamic And Static Android Platform Malware Detection Algorithm Research And System Design

With the wave of artificial intelligence sweeping in,intelligent equipment into everyone's life,smart phone is the most representative product.Among them,smart phones equipped with Android system have the largest user group.In order to meet the needs of users,the number of various kinds of software increases rapidly,and some malicious applications cause infringement on people's privacy and property.Therefore,the research on malware detection has good practical significance.Static detection of a single Android malware can not effectively deal with the use of obscenity technology and dynamic loading of malware,a single dynamic detection can not trigger malicious behavior within the effective time and other problems.In this paper,the hybrid deep learning model is used to effectively combine static and dynamic detection.A variety of static features are extracted by decompilation to construct a static feature set.Xposed Framework is used to Hook the Framework layer API,extract the dynamic runtime API call sequence,as a dynamic feature set.According to the locality of static features and the timing of dynamic features,a twochannel neural network based on CNN-Bigru-attention parallel was designed.The static and dynamic features were respectively input into the convolutional neural network and the bidirectional gated loop unit combined with the Attention mechanism.After the output fusion,the classification results are output through the full connection layer and Softmax layer.Through experimental tests,the accuracy of the hybrid neural network model combined with dynamic and static state reaches 98.56%,which is 4.12%and 3.11% higher than the static detection based on convolutional neural network alone and the dynamic detection based on bidirectional gating cycle combined with attention mechanism,respectively.Based on the dynamic and static features and hybrid neural network model extracted in this paper,the Android malware detection system is designed.The system is based on C/S architecture.The client performs lightweight detection by matching MD5 values,and the server performs in-depth detection for software not contained in the client database.Finally,it can detect Android malware effectively through an example.