【摘要】：針對(duì)現(xiàn)有移動(dòng)惡意代碼檢測(cè)準(zhǔn)確率低和檢測(cè)器生成質(zhì)量差等問(wèn)題,為了提高檢測(cè)器對(duì)非我空間的覆蓋率,提出了一種基于超橢球免疫理論的移動(dòng)惡意代碼檢測(cè)模型。利用動(dòng)態(tài)和靜態(tài)分析結(jié)合的方法全面提取和表征移動(dòng)惡意代碼特征,采用超橢球?qū)γ庖邫z測(cè)器進(jìn)行編碼�；陉幮赃x擇算法通過(guò)免疫耐受生成成熟檢測(cè)器,對(duì)親和度較高的超橢球檢測(cè)器進(jìn)行克隆變異實(shí)現(xiàn)檢測(cè)器的優(yōu)化,獲得檢測(cè)性能更加優(yōu)良的變異后代。最后,對(duì)收集的Android惡意應(yīng)用樣本進(jìn)行仿真,結(jié)果表明,所提出模型生成的超橢球檢測(cè)器具有較高的惡意代碼檢測(cè)效率和準(zhǔn)確率。
[Abstract]:Aiming at the problems of low detection accuracy and poor generation quality of mobile malicious code, a mobile malicious code detection model based on hyper-ellipsoid immune theory is proposed in order to improve the coverage of detector to non-self space. Dynamic and static analysis were used to extract and characterize the mobile malicious code and the super-ellipsoid was used to encode the immune detector. Based on the negative selection algorithm, a mature detector is generated by immune tolerance, and the super-ellipsoid detector with high affinity is cloned and mutated to optimize the detector. Finally, the Android malicious application samples collected are simulated, and the results show that the super-ellipsoid detector generated by the proposed model has higher detection efficiency and accuracy of malicious code.
【作者單位】： 中國(guó)人民公安大學(xué)網(wǎng)絡(luò)空間安全與法治協(xié)同創(chuàng)新中心;中國(guó)人民公安大學(xué)信息技術(shù)與網(wǎng)絡(luò)安全學(xué)院;中國(guó)移動(dòng)通信有限公司研究院;
【基金】：國(guó)家自然科學(xué)基金(61602489) 賽爾網(wǎng)絡(luò)下一代互聯(lián)網(wǎng)技術(shù)創(chuàng)新項(xiàng)目(NGII20160405)
【分類號(hào)】：TP393.08
，

本文編號(hào)：2162820