移动网络中恶意代码优化检测仿真研究

发布时间：2018-08-03 19:47

【摘要】：针对现有移动恶意代码检测准确率低和检测器生成质量差等问题,为了提高检测器对非我空间的覆盖率,提出了一种基于超椭球免疫理论的移动恶意代码检测模型。利用动态和静态分析结合的方法全面提取和表征移动恶意代码特征,采用超椭球对免疫检测器进行编码。基于阴性选择算法通过免疫耐受生成成熟检测器,对亲和度较高的超椭球检测器进行克隆变异实现检测器的优化,获得检测性能更加优良的变异后代。最后,对收集的Android恶意应用样本进行仿真,结果表明,所提出模型生成的超椭球检测器具有较高的恶意代码检测效率和准确率。
[Abstract]:Aiming at the problems of low detection accuracy and poor generation quality of mobile malicious code, a mobile malicious code detection model based on hyper-ellipsoid immune theory is proposed in order to improve the coverage of detector to non-self space. Dynamic and static analysis were used to extract and characterize the mobile malicious code and the super-ellipsoid was used to encode the immune detector. Based on the negative selection algorithm, a mature detector is generated by immune tolerance, and the super-ellipsoid detector with high affinity is cloned and mutated to optimize the detector. Finally, the Android malicious application samples collected are simulated, and the results show that the super-ellipsoid detector generated by the proposed model has higher detection efficiency and accuracy of malicious code.
【作者单位】： 中国人民公安大学网络空间安全与法治协同创新中心;中国人民公安大学信息技术与网络安全学院;中国移动通信有限公司研究院;
【基金】：国家自然科学基金(61602489) 赛尔网络下一代互联网技术创新项目(NGII20160405)
【分类号】：TP393.08
，

本文编号：2162820