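Android Malware Detection Based on Deep Neural Networks
Published: 2021-02-12 02:45
The Android operating system is ubiquitous, and almost any application is easily accessible through the official Google Play store or a dozen or so third-party markets. In addition, the important role of smartphones in modern life means that any important information can be stored on the device, including not only personal information but also corporate information. This large volume of critical information has attracted broad interest from criminals, who can obtain it through Android malware. Malware may increase phone bills, send unauthenticated messages to the contact list, collect user information, or give an attacker control of the device, and in recent years it has become one of the major concerns in mobile security. The first line of defense against Android malware is Play Protect in the official Google Play store, which verifies applications and APK files when they are downloaded from Google's official store or from third-party stores. Another defense mechanism is Android antivirus, which relies on a signature-based database for malware detection. Although signature-based antivirus software can effectively identify known malware, it cannot recognize new malware. To overcome the limitations of signatures, heuristic scanning was developed to look for commands that may indicate malicious intent. However, malware that masks its malicious behavior may escape heuristic scanning. The growing sophistication of Android malware calls for new detection strategies; this thesis proposes...
[Source]: North China Electric Power University (Beijing), Beijing; Project 211 university; directly under the Ministry of Education
[Pages]: 125
[Degree level]: Doctoral
[Table of contents]: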
Abstract
Abstract (in Chinese)
Dedication
Acronyms and Abbreviations
Chapter 1 Introduction
1.1 Introduction
1.2 Problem Statement
1.3 Objectives and Scope
1.4 Contributions
1.5 Contents Structure
Chapter 2 Background on Android and Android Malware
2.1 Introduction
2.2 Android Operating System as an Open Source Project
2.2.1 HAL Interface Definition Language
2.2.2 Android Application Structure
2.2.3 Android Application Components
2.2.4 Android Runtime
2.3 Literature Review
2.3.1 Android Malware Detection Using Static Analysis
2.3.2 Android Malware Detection Using Dynamic Analysis
2.3.3 Android Malware Detection Using Hybrid Analysis
2.4 Android Malware Detection Using Data Mining and Machine Learning Techniques
2.5 Conclusion
Chapter 3 Methodology
3.1 Introduction
3.2 Data Collection Phase
3.3 Application Unpackaging and Decompilation Phase
3.4 Feature Extraction Phase
3.5 Feature Vector Construction
3.6 Machine Learning and Deep Learning
3.6.1 Machine Learning
3.6.2 Machine Learning Methods
3.6.3 Deep Learning
3.6.4 Deep Learning Methods
3.6.5 Deep Learning Classifier
3.6.6 Machine Learning Classifiers
3.7 Classification
3.8 Conclusion
Chapter 4 Android Malware Detection Using Deep Neural Networks
4.1 Introduction
4.2 Android Security
4.2.1 General Android Security
4.2.2 Android Permissions Model
4.3 SELinux in Android
4.4 Android Malware
4.5 Application Signing
4.6 Android Security Threats
4.6.1 Application-Based Threats
4.6.2 Internet-Based Threats
4.6.3 Network Threats
4.6.4 Physical Threats
4.7 Android Malware Detection Techniques
4.7.1 Static Analysis
4.7.2 Dynamic Analysis
4.7.3 Hybrid Analysis
4.8 Feature Distribution Between Benign Applications and Malicious Applications
4.8.1 Permission Combinations Between Benign Applications and Malicious Applications
4.8.2 API Calls Between Benign Applications and Malicious Applications
4.8.3 Intent Filters Between Benign Applications and Malicious Applications
4.8.4 Presence of APK File in Asset Folder and Checking Validity of Application Certificate
4.9 Experimental Setup
4.10 Malware Detection
4.11 Comparisons of Malware Detection Using Different Features Set
4.11.1 Malware Detection Using APIs
4.11.2 Malware Detection Using Permission Combinations
4.11.3 Malware Detection Using Intent Filters
4.11.4 Malware Detection Using APIs + Permission Combinations + Invalid Certificate + Presence of APK File in The Asset Folder
4.11.5 Malware Detection Using APIs + Intent-filters + Invalid Certificate + Presence of APK File in The Asset Folder
4.12 Comparisons of Malware Detection Using Different Features Set
4.13 Comparisons of Common Machine Learning Methods in Malware Detection
4.14 Comparison with Some Other Works in Literature
4.15 Limitations
4.16 Conclusion
Chapter 5 Android Malware Detection Using Autoencoder
5.1 Introduction
5.2 Android Malware Evolution
5.3 Background
5.4 Methodology
5.4.1 Apps De-compilation
5.4.2 Features Extraction
5.4.3 Feature Vector
5.4.4 Classification
5.5 Experimental Setup
5.6 Experimental Result
5.7 Comparisons of Malware Detection Using Different Features Set
5.7.1 Malware Detection Using API Calls
5.7.2 Malware Detection Using Permission Combinations
5.7.3 Malware Detection Using Intent Filters
5.7.4 Malware Detection Using APIs + Permission Combinations + Invalid Certificate + Presence of APK File in The Asset Folder
5.7.5 Malware Detection Using APIs + Intent-filters + Invalid Certificate + Presence of APK File in The Asset Folder
5.8 Malware Detection Using Different Dataset Split
5.9 Comparing DNN Malware Detection with Autoencoder Malware Detection
5.10 Conclusion
Chapter 6 Conclusion
6.1 Conclusion
6.2 Future Work
References
Published Papers
About the author
[References]:
Journal articles
[1] Droid Detector: Android Malware Characterization and Detection Using Deep Learning [J]. Zhenlong Yuan, Yongqiang Lu, Yibo Xue. Tsinghua Science and Technology. 2016(01)
Article ID: 3030127
Article link: http://sikaile.net/kejilunwen/zidonghuakongzhilunwen/3030127.html