基于简化指令的android应用程序恶意软件检测方法

Q4 Computer Science

Journal of China Universities of Posts and Telecommunications Pub Date : 2014-07-01 DOI:10.1016/S1005-8885(14)60506-9

Hang DONG , Neng-qiang HE , Ge HU , Qi LI , Miao ZHANG

{"title":"基于简化指令的android应用程序恶意软件检测方法","authors":"Hang DONG , Neng-qiang HE , Ge HU , Qi LI , Miao ZHANG","doi":"10.1016/S1005-8885(14)60506-9","DOIUrl":null,"url":null,"abstract":"<div><p>The amount of mobile malicious code is increasing faster every year and a serious security threat is posed by this. Hence, malware detection has become a critical topic in the field of computer security. This paper proposes a method to detect variants of known malware families in Android devices using simplify Dalvik instructions. This method is based on the sequence of instructions. A method is described in this paper to give the simplified description of each instruction and group them with n-gram patterns, which are set to be the malicious features. The result of the experiment shows that features extracted by this method are easy to be recognized, thus an effective way to detect variants of known malware families is provided.</p></div>","PeriodicalId":35359,"journal":{"name":"Journal of China Universities of Posts and Telecommunications","volume":"21 ","pages":"Pages 94-100"},"PeriodicalIF":0.0000,"publicationDate":"2014-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1016/S1005-8885(14)60506-9","citationCount":"17","resultStr":"{\"title\":\"Malware detection method of android application based on simplification instructions\",\"authors\":\"Hang DONG , Neng-qiang HE , Ge HU , Qi LI , Miao ZHANG\",\"doi\":\"10.1016/S1005-8885(14)60506-9\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>The amount of mobile malicious code is increasing faster every year and a serious security threat is posed by this. Hence, malware detection has become a critical topic in the field of computer security. This paper proposes a method to detect variants of known malware families in Android devices using simplify Dalvik instructions. This method is based on the sequence of instructions. A method is described in this paper to give the simplified description of each instruction and group them with n-gram patterns, which are set to be the malicious features. The result of the experiment shows that features extracted by this method are easy to be recognized, thus an effective way to detect variants of known malware families is provided.</p></div>\",\"PeriodicalId\":35359,\"journal\":{\"name\":\"Journal of China Universities of Posts and Telecommunications\",\"volume\":\"21 \",\"pages\":\"Pages 94-100\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-07-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://sci-hub-pdf.com/10.1016/S1005-8885(14)60506-9\",\"citationCount\":\"17\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of China Universities of Posts and Telecommunications\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S1005888514605069\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"Computer Science\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of China Universities of Posts and Telecommunications","FirstCategoryId":"1085","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1005888514605069","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"Computer Science","Score":null,"Total":0}

引用次数: 17

摘要

移动恶意代码的数量每年都在快速增长，这构成了严重的安全威胁。因此，恶意软件检测已成为计算机安全领域的一个重要课题。本文提出了一种利用简化的Dalvik指令检测Android设备中已知恶意软件家族变体的方法。这种方法是基于指令的顺序。本文描述了一种对每条指令进行简化描述的方法，并用n-gram模式对其进行分组，并将其设置为恶意特征。实验结果表明，该方法提取的特征易于识别，为检测已知恶意软件家族的变体提供了一种有效的方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Malware detection method of android application based on simplification instructions

The amount of mobile malicious code is increasing faster every year and a serious security threat is posed by this. Hence, malware detection has become a critical topic in the field of computer security. This paper proposes a method to detect variants of known malware families in Android devices using simplify Dalvik instructions. This method is based on the sequence of instructions. A method is described in this paper to give the simplified description of each instruction and group them with n-gram patterns, which are set to be the malicious features. The result of the experiment shows that features extracted by this method are easy to be recognized, thus an effective way to detect variants of known malware families is provided.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Journal of China Universities of Posts and Telecommunications Computer Science-Information Systems

CiteScore

0.50

自引率

0.00%

发文量

1878