Research On Android Malware Detection Algorithm And Application Based On Deep Learning

Android system as an important part of the development of mobile Internet,with the rapid development of mobile Internet,more and more Android devices are used.Statistics show that in the fourth quarter of 2019,the world's major companies shipped 368.8million Android mobile devices.In recent years,with the update and upgrading of mobile network communication infrastructure and the improvement of 5g communication protocol,the technical foundation for the development of Android system and its application has been laid.More and more Android applications have been developed.According to the official statistics website of APP Anni,there are more than 2.8 million Android applications in the current Google play application market.Following the emergence of all kinds of Android malware,the number of Android malware has increased,and with the development of malware detection technology,it has evolved more and more powerful and become more and more difficult to detect,which makes the security threat of malware to Android devices more and more serious.In this paper,from the two perspectives of malware detection and malware family classification,related malware knowledge and concepts are described,and the mathematical basis of the method model used is described.At the same time,the development of malware detection technology and malware family classification technology are described from three aspects,namely static analysis technology,dynamic analysis technology and machine learning technology And summarize its advantages and disadvantages.Finally,according to the shortcomings of the existing Android malware detection research and Android malware family classification research,this paper describes the Android malware detection method and Android malware family classification method,and also puts forward suggestions for the next work of malware detection technology and family classification technology.Specifically,the main research results of this paper are as follows:(1)Complete the static detection and analysis algorithm model of non consolidated malware and partially consolidated malware.At present,there are a lot of static detection and analysis methods,which generally have the problems of relatively low accuracy and high false alarm rate.At the same time,there are many static analysis methods that need to reverse the operation of Android application packages,so there is a problem of poor detection effect on the consolidated Android malware.In this paper,the RGBA byte image detection algorithm based on CNN is proposed,which can quickly and accurately identify Android malware,and also has the detection ability for the reinforcement software.This paper also completes the related deep learning model research and comparison.(2)Complete the research of Android malware family classification algorithm model.Through the study of malware family,we can deepen the understanding of malware.At present,there are already some Android malware family classification methods.Through research and comparison,it is found that their classification accuracy can also be improved.The family comprehensive classification algorithm model used in this paper uses the idea of sequence integration method.At the same time,based on the detection method in this paper,the further improvement of CNN model is completed.Finally,the CNN model,DBN model and random forest model are combined through the result selector to complete the research on Android malware family classification of Drebin dataset.In this paper,10 families in Drebin dataset are selected as the research objects,and the samples are balanced to better use in the research of family classification algorithm.This paper also completed the research and explanation of the existing family classification methods,and completed the comparative experiment.