【摘要】：針對現(xiàn)有移動惡意代碼檢測準(zhǔn)確率低和檢測器生成質(zhì)量差等問題,為了提高檢測器對非我空間的覆蓋率,提出了一種基于超橢球免疫理論的移動惡意代碼檢測模型。利用動態(tài)和靜態(tài)分析結(jié)合的方法全面提取和表征移動惡意代碼特征,采用超橢球?qū)γ庖邫z測器進(jìn)行編碼�；陉幮赃x擇算法通過免疫耐受生成成熟檢測器,對親和度較高的超橢球檢測器進(jìn)行克隆變異實(shí)現(xiàn)檢測器的優(yōu)化,獲得檢測性能更加優(yōu)良的變異后代。最后,對收集的Android惡意應(yīng)用樣本進(jìn)行仿真,結(jié)果表明,所提出模型生成的超橢球檢測器具有較高的惡意代碼檢測效率和準(zhǔn)確率。
[Abstract]:Aiming at the problems of low detection accuracy and poor generation quality of mobile malicious code, a mobile malicious code detection model based on hyper-ellipsoid immune theory is proposed in order to improve the coverage of detector to non-self space. Dynamic and static analysis were used to extract and characterize the mobile malicious code and the super-ellipsoid was used to encode the immune detector. Based on the negative selection algorithm, a mature detector is generated by immune tolerance, and the super-ellipsoid detector with high affinity is cloned and mutated to optimize the detector. Finally, the Android malicious application samples collected are simulated, and the results show that the super-ellipsoid detector generated by the proposed model has higher detection efficiency and accuracy of malicious code.
【作者單位】： 中國人民公安大學(xué)網(wǎng)絡(luò)空間安全與法治協(xié)同創(chuàng)新中心;中國人民公安大學(xué)信息技術(shù)與網(wǎng)絡(luò)安全學(xué)院;中國移動通信有限公司研究院;
【基金】：國家自然科學(xué)基金(61602489) 賽爾網(wǎng)絡(luò)下一代互聯(lián)網(wǎng)技術(shù)創(chuàng)新項目(NGII20160405)
【分類號】：TP393.08
，

本文編號：2162820