利用应用程序的复杂性分区为Android恶意软件检测

2021 IEEE 7th International Conference on Cloud Computing and Intelligent Systems (CCIS) Pub Date : 2021-11-07 DOI:10.1109/CCIS53392.2021.9754533

Zhanbo Li, Biao Jiang, Baolei Mao, Yan Zhuang, Hongtao Zhang

{"title":"利用应用程序的复杂性分区为Android恶意软件检测","authors":"Zhanbo Li, Biao Jiang, Baolei Mao, Yan Zhuang, Hongtao Zhang","doi":"10.1109/CCIS53392.2021.9754533","DOIUrl":null,"url":null,"abstract":"With the widespread use of Android applications, malicious applications seriously threaten information security and personal privacy. Although a lot of researches have been conducted on malware detection by using various detection models, the effect of the complexity characteristics of Android application on the android malware detection is not investigated in depth. In this article, we leverage application complexity partition for Android malware detection to deal with different android application complexity characteristics in fine-grain. We first investigate the impact of application complexity on malware detection, and utilize application complexity to screen out four datasets with different complexity by dividing the original dataset. Then, we use frequency difference sorting (FDS) algorithm to extract highly sensitive permissions and API calls that can identify benign and malicious applications. Finally, we evaluate support vector machine (SVM) and four other machine learning methods to perform android malware detection with respect to different application complexity partitions. Experimental results show that ACPDs can achieve 95.18%-99.19% accuracy and 95.45%-99.68% recall in different application complexity datasets, which are better than the 91.02% accuracy of SigPID. The experimental results demonstrate that ACPDs are scalable enough to work well with different machine learning methods and improve machine learning based Android malware detection effectively.","PeriodicalId":191226,"journal":{"name":"2021 IEEE 7th International Conference on Cloud Computing and Intelligent Systems (CCIS)","volume":"37 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-11-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Leveraging Application Complexity Partition for Android Malware Detection\",\"authors\":\"Zhanbo Li, Biao Jiang, Baolei Mao, Yan Zhuang, Hongtao Zhang\",\"doi\":\"10.1109/CCIS53392.2021.9754533\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"With the widespread use of Android applications, malicious applications seriously threaten information security and personal privacy. Although a lot of researches have been conducted on malware detection by using various detection models, the effect of the complexity characteristics of Android application on the android malware detection is not investigated in depth. In this article, we leverage application complexity partition for Android malware detection to deal with different android application complexity characteristics in fine-grain. We first investigate the impact of application complexity on malware detection, and utilize application complexity to screen out four datasets with different complexity by dividing the original dataset. Then, we use frequency difference sorting (FDS) algorithm to extract highly sensitive permissions and API calls that can identify benign and malicious applications. Finally, we evaluate support vector machine (SVM) and four other machine learning methods to perform android malware detection with respect to different application complexity partitions. Experimental results show that ACPDs can achieve 95.18%-99.19% accuracy and 95.45%-99.68% recall in different application complexity datasets, which are better than the 91.02% accuracy of SigPID. The experimental results demonstrate that ACPDs are scalable enough to work well with different machine learning methods and improve machine learning based Android malware detection effectively.\",\"PeriodicalId\":191226,\"journal\":{\"name\":\"2021 IEEE 7th International Conference on Cloud Computing and Intelligent Systems (CCIS)\",\"volume\":\"37 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-11-07\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 IEEE 7th International Conference on Cloud Computing and Intelligent Systems (CCIS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CCIS53392.2021.9754533\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE 7th International Conference on Cloud Computing and Intelligent Systems (CCIS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CCIS53392.2021.9754533","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

随着Android应用的广泛使用，恶意应用严重威胁着信息安全和个人隐私。虽然已经有大量的研究利用各种检测模型对恶意软件进行检测，但Android应用的复杂性特征对Android恶意软件检测的影响并没有深入研究。在本文中，我们利用应用程序复杂性分区进行Android恶意软件检测，以细粒度处理不同的Android应用程序复杂性特征。我们首先研究了应用复杂性对恶意软件检测的影响，并利用应用复杂性对原始数据集进行划分，筛选出4个不同复杂性的数据集。然后，我们使用频差排序(FDS)算法提取高度敏感的权限和API调用，可以识别良性和恶意应用程序。最后，我们评估了支持向量机(SVM)和其他四种机器学习方法在不同应用复杂性分区下执行android恶意软件检测的效果。实验结果表明，acpd在不同应用复杂度的数据集上准确率可达95.18% ~ 99.19%，召回率可达95.45% ~ 99.68%，优于SigPID的91.02%。实验结果表明，acpd具有足够的可扩展性，可以很好地与不同的机器学习方法一起工作，并有效地提高了基于机器学习的Android恶意软件检测。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Leveraging Application Complexity Partition for Android Malware Detection

With the widespread use of Android applications, malicious applications seriously threaten information security and personal privacy. Although a lot of researches have been conducted on malware detection by using various detection models, the effect of the complexity characteristics of Android application on the android malware detection is not investigated in depth. In this article, we leverage application complexity partition for Android malware detection to deal with different android application complexity characteristics in fine-grain. We first investigate the impact of application complexity on malware detection, and utilize application complexity to screen out four datasets with different complexity by dividing the original dataset. Then, we use frequency difference sorting (FDS) algorithm to extract highly sensitive permissions and API calls that can identify benign and malicious applications. Finally, we evaluate support vector machine (SVM) and four other machine learning methods to perform android malware detection with respect to different application complexity partitions. Experimental results show that ACPDs can achieve 95.18%-99.19% accuracy and 95.45%-99.68% recall in different application complexity datasets, which are better than the 91.02% accuracy of SigPID. The experimental results demonstrate that ACPDs are scalable enough to work well with different machine learning methods and improve machine learning based Android malware detection effectively.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2021 IEEE 7th International Conference on Cloud Computing and Intelligent Systems (CCIS)

自引率

0.00%

发文量