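Research on Android Malware Detection Based on Data Dependencies Between Sensitive APIs
Published: 2018-05-02 00:57
Topic of this thesis: Android + malware. Source: Nanjing University, master's thesis, 2016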
[Abstract]: With the development of the times, smartphones have penetrated every aspect of human life and become an indispensable part of daily life. Compared with traditional PC devices, smartphones carry a wide variety of sensors, and applications can offer rich functionality based on the information these sensors provide. However, these sensors and other functions mean that a smartphone holds a great deal of its user's private data, such as location information, contacts, fingerprint information and SMS records. As a result, attacks on smartphones keep emerging, and smartphone security protection has become a problem in urgent need of a solution. In the current smartphone market, the share of the Android platform far exceeds that of the iOS platform, and the Android platform is also very open, so more and more attackers target it, causing the number of malware samples on Android to rise sharply. Research on malware detection techniques for Android therefore has real practical significance for protecting user privacy and maintaining the Android ecosystem. To address the malware threat facing the Android platform, we design and implement DroidADDMiner, a machine-learning-based system for detecting, classifying and describing Android malware that uses data dependencies as its features. DroidADDMiner combines static data-flow analysis with machine learning algorithms: it uses data-flow analysis to extract the data dependencies between sensitive APIs as feature information, generates feature vectors from that information, and then applies machine learning algorithms to the feature vectors to detect, classify and describe malware. DroidADDMiner first decompiles the APK file, converting the app's code into an intermediate-language representation, then selects a set of sensitive APIs and performs data-flow analysis based on them to obtain the data dependencies between these sensitive APIs. Once the dependencies have been obtained, they are converted into feature vectors by mathematical methods, and these feature vectors are used by machine learning algorithms to train classifiers. DroidADDMiner uses machine learning classification algorithms such as Naive Bayes, Random Forest and Support Vector Machine for malware detection and classification, and uses the Apriori algorithm for association rule mining to automatically describe the malicious behavior of a malware sample. We also evaluate experimentally the effectiveness of DroidADDMiner at malware detection, classification and description; the experiments show that DroidADDMiner achieves high accuracy without producing too many false positives.
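As an added illustration (not code from the thesis or from DroidADDMiner), the sketch below shows one way data dependencies between sensitive APIs can be turned into feature vectors and fed to a Naive Bayes classifier. The API list, the one-bit-per-ordered-pair encoding and the training samples are assumptions constructed for this example, since the abstract does not specify them; the dependency edges stand in for the output of the data-flow analysis.

```python
import math
from itertools import permutations

# Assumed sensitive-API list; the thesis's own selection is not given on the page.
SENSITIVE_APIS = [
    "TelephonyManager.getDeviceId",
    "LocationManager.getLastKnownLocation",
    "ContentResolver.query",
    "SmsManager.sendTextMessage",
    "HttpURLConnection.getOutputStream",
]
# Assumed encoding: one feature per ordered (source, sink) pair of distinct APIs.
FEATURES = list(permutations(SENSITIVE_APIS, 2))

def vectorize(deps):
    """Binary vector: 1 where data from `source` reaches `sink` in the app."""
    deps = set(deps)
    return [1 if pair in deps else 0 for pair in FEATURES]

def train_bernoulli_nb(X, y):
    """Bernoulli Naive Bayes with Laplace smoothing, one entry per class."""
    model = {}
    for c in set(y):
        rows = [x for x, label in zip(X, y) if label == c]
        p_one = [(sum(col) + 1) / (len(rows) + 2) for col in zip(*rows)]
        model[c] = (math.log(len(rows) / len(X)), p_one)
    return model

def predict(model, x):
    """Return the class with the highest log-posterior for vector x."""
    def score(c):
        log_prior, p_one = model[c]
        return log_prior + sum(math.log(p if xi else 1 - p) for xi, p in zip(x, p_one))
    return max(model, key=score)

# Constructed training set: dependency edges per app, as a data-flow pass might emit.
DEV, LOC, QRY, SMS, NET = SENSITIVE_APIS
TRAIN = [
    ([(DEV, SMS)], "malware"),
    ([(QRY, NET), (DEV, NET)], "malware"),
    ([(LOC, SMS), (DEV, SMS)], "malware"),
    ([], "benign"),
    ([(LOC, NET)], "benign"),
    ([], "benign"),
]
MODEL = train_bernoulli_nb([vectorize(d) for d, _ in TRAIN], [label for _, label in TRAIN])
print(predict(MODEL, vectorize([(DEV, SMS)])))
```

Edges that involve an API outside the chosen list are ignored by `vectorize`, so the classifier only ever sees the dependencies the feature space was built for.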
[Degree-granting institution]: Nanjing University
[Degree level]: Master's
[Year degree granted]: 2016
[Classification number]: TP316;TP309
Article ID: 1831736
Article link: http://sikaile.net/kejilunwen/ruanjiangongchenglunwen/1831736.html