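Cite this article
  • JING Pengfei, ZHU Dali. Android Malicious Application Detection Method Based on Bytecode Image Texture Enhancement[J]. Journal of Cyber Security, Accepted
  • JING Pengfei, ZHU Dali. Application Of Neural Network Search Algorithm In Android Malicious Application Detection[J]. Journal of Cyber Security, Accepted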

Android Malicious Application Detection Method Based on Bytecode Image Texture Enhancement
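(No. 8 Laboratory, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China)
Abstract:
The vast majority of security problems in the mobile Internet are caused by malicious applications, and many methods currently exist for detecting malicious applications on the Android platform. One fairly general class of methods extracts text features from the application for static detection; it is highly accurate but struggles to detect malicious code that uses packing, obfuscation and similar techniques. Another class is based on application visualization; it skips the decompilation step and has some resistance to packing and obfuscation. Compared with text-feature-based detection, however, little research has been done on how to represent malicious application features: most work converts the file under test directly into a bytecode image for detection, and detection accuracy is generally lower than that of text-feature-based methods. To address this, this paper studies feature representation methods for bytecode images. First, the dex files and native library files obtained by decompressing the Android application are merged and converted into an RGB image; texture features are then extracted from the RGB image, and texture feature enhancement is achieved by superimposing them on the original RGB image. Finally, several convolutional neural network models that perform well in image classification are selected, and the classification results for the ordinary RGB image P0 and the texture-enhanced RGB image P" are compared under the different models, thereby experimentally validating the proposed texture feature enhancement method. The experiments show that the proposed method represents bytecode image features better: under different convolutional neural network models, detection accuracy improves over the original RGB image in every case, reaching a maximum of 98.96%.
Keywords: malicious application detection, visualization, RGB image, texture enhancement, convolutional neural network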
DOI:
Received: 2023-11-11  Revised: 2024-04-02
Funding:
Application Of Neural Network Search Algorithm In Android Malicious Application Detection
JING Pengfei, ZHU Dali
(No.8th Laboratory, Institute of Information Engineering, Chinese Academy of Sciences)
Abstract:
Most of the security problems in the mobile Internet are caused by malicious applications. At present, there are many detection methods for malicious applications on the Android platform. One of the more common methods is to extract text features from applications for static detection. This method has a high accuracy rate, but it has difficulty detecting malicious code that uses techniques such as packing and obfuscation. Another method is detection based on application visualization, which eliminates the decompilation process and has some resistance to packing and obfuscation. Compared with text-feature-based detection, however, there has been less research on how to characterize malicious application features: most work directly converts the files to be detected into bytecode images for detection, and the detection accuracy is generally lower than that of text-feature-based detection methods. In view of this situation, this paper conducts research on feature representation methods for bytecode images. First, the dex files and native library files obtained by decompressing the Android application are merged and converted into an RGB image; the texture features in the RGB image are then extracted and superimposed on the original RGB image to achieve texture feature enhancement. Finally, a number of convolutional neural network models with excellent performance in the field of image classification are selected to verify the texture feature enhancement method experimentally, and the classification results of the ordinary RGB image P0 and the texture-enhanced RGB image P" under the different models are compared. The experiments show that the method proposed in this paper better characterizes bytecode image features. Under different convolutional neural network models, the detection accuracy improves compared with the original RGB image, reaching a maximum of 98.96%.
Key words: malicious app detection, visualization, RGB images, texture enhancement, convolutional neural networks
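
The pipeline the abstract outlines (merge dex and native library bytes, render them as an RGB image, superimpose a texture map) can be sketched as follows; this is an added example, not the authors' code. The abstract does not name the texture operator, blend weight, image width or file ordering, so the local binary pattern (LBP), `alpha`, `width` and sorted-name order used here are assumptions, and `make_sample_apk` builds a constructed stand-in archive.

```python
import io
import zipfile

def make_sample_apk():
    """Constructed stand-in for an APK (not a real app): one dex, one native library."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("AndroidManifest.xml", b"<manifest/>")
        z.writestr("lib/arm64-v8a/libdemo.so", b"\x7fELF" + bytes(range(8)))
        z.writestr("classes.dex", b"dex\n035\x00" + bytes(range(16, 26)))
    return buf.getvalue()

def apk_payload(apk_bytes):
    """Concatenate classes*.dex and lib/**/*.so in sorted name order (order is an assumption)."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as z:
        names = sorted(n for n in z.namelist()
                       if (n.startswith("classes") and n.endswith(".dex"))
                       or (n.startswith("lib/") and n.endswith(".so")))
        return b"".join(z.read(n) for n in names)

def to_rgb(data, width):
    """Pack bytes into rows of `width` RGB pixels, zero-padding the last row."""
    row = width * 3
    data = bytes(data) + b"\x00" * (-len(data) % row)
    return [[tuple(data[r + 3 * c: r + 3 * c + 3]) for c in range(width)]
            for r in range(0, len(data), row)]

def lbp(img, ch):
    """8-neighbour LBP code per pixel for one channel; neighbours are clamped at the edges."""
    h, w = len(img), len(img[0])
    offs = [(-1, -1), (-1, 0), (-1, 1), (0, 1), (1, 1), (1, 0), (1, -1), (0, -1)]
    out = [[0] * w for _ in range(h)]
    for y in range(h):
        for x in range(w):
            code = 0
            for bit, (dy, dx) in enumerate(offs):
                ny, nx = min(max(y + dy, 0), h - 1), min(max(x + dx, 0), w - 1)
                if img[ny][nx][ch] >= img[y][x][ch]:
                    code |= 1 << bit
            out[y][x] = code
    return out

def enhance(img, alpha=0.5):
    """Superimpose each channel's texture map on the original image (additive blend, clipped)."""
    maps = [lbp(img, ch) for ch in range(3)]
    return [[tuple(min(255, int(px[ch] + alpha * maps[ch][y][x])) for ch in range(3))
             for x, px in enumerate(row)] for y, row in enumerate(img)]
```

Both the plain output of `to_rgb` and the output of `enhance` can be fed to the same classifier to compare the two representations, which is the comparison the abstract reports.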