基于深度神经网络的Android恶意软件检测
发布时间:2021-02-12 02:45
Android操作系统普遍存在,几乎可以在官方Google Play商店或十几个其他第三方市场中轻松访问所有应用程序。此外,智能手机在现代生活中的重要作用使得可以在设备上存储任何重要信息,不仅包括个人信息,还包括公司信息等。这些大量关键信息引起了非法者的广泛兴趣,他们可以通过Android恶意软件来获取信息。恶意软件可能会增加电话费用,向联系人列表发送未经认证的消息,收集用户信息或提供攻击者对设备的控制权等,近年来已成为移动安全领域关注的重要问题之一。针对Android恶意软件的第一道防御机制是官方Google Play商店中的Play Protect,它可以在使用Google官方商店或第三方商店下载应用程序和APK文件时进行验证。另一种防御机制是Android Antivirus,它依赖于基于签名的数据库进行恶意软件检测。虽然基于签名的防病毒软件可以有效识别已知的恶意软件,但它们无法区分新的恶意软件。为了抵制基于签名的限制,开发了启发式扫描来研究可能暗示恶意意图的命令。但恶意软件通过屏蔽其恶意行为,则可能会逃脱启发式扫描。Android恶意软件的日益复杂性需要新的检测策略,本文提出采...
【文章来源】:华北电力大学(北京)北京市 211工程院校 教育部直属院校
【文章页数】:125 页
【学位级别】:博士
【文章目录】:
Abstract
摘要
Dedication
Acronyms and Abbreviations
Chapter 1 Introduction
1.1 Introduction
1.2 Problem Statement
1.3 Objectives and Scope
1.4 Contributions
1.5 Contents Structure
Chapter 2 Background on Android and Android Malware
2.1 Introduction
2.2 Android Operating System as an Open Source Project
2.2.1 HAL Interface DefinitionLanguage
2.2.2 Android Application Structure
2.2.3 Android Application Components
2.2.4 Android Runtime
2.3. Literature Review
2.3.1 Android Malware Detection Using Static Analysis
2.3.2 Android Malware Detection Using Dynamic Analysis
2.3.3 Android Malware Detection Using Hybrid Analysis
2.4 Android Malware Detection using Data Mining and Machine LearningTechniques
2.5 Conclusion
Chapter 3 Methodology
3.1 Introduction
3.2 Data Collection Phase
3.3 Application Unpackaging and Decompilation Phase
3.4 Feature Extraction Phase
3.5 Feature Vector Construction
3.6 Machine Learning and Deep Learning
3.6.1 Machine Learning
3.6.2 Machine Learning Methods
3.6.3 Deep Learning
3.6.4 Deep Learning Methods
3.6.5 Deep Learning Classifier
3.6.6 Machine Learning Classifiers
3.7 Classification
3.8 Conclusion
Chapter 4 Android Malware Detection Using Deep Neural Networks
4.1 Introduction
4.2 Android Security
4.2.1 General Android Security
4.2.2 Android Permissions Model
4.3 SELinux in Android
4.4 Android Malware
4.5 Application Signing
4.6 Android Security Threats
4.6.1 Application-Based Threats
4.6.2 Internet-Based Threats
4.6.3 Network Threats
4.6.4 Physical Threats
4.7 Android Malware Detection Techniques
4.7.1 Static Analysis
4.7.2 Dynamic Analysis
4.7.3 Hybrid Analysis
4.8 Feature Distribution Between Benign Applications and Malicious applications
4.8.1 Permission Combinations Between Benign Applications and MaliciousApplications
4.8.2 API calls Between Benign Applications and Malicious Applications
4.8.3 Intent Flters Between Benign Applications and Malicious Applications
4.8.4 Presence of APK File in Asset Folder and Checking Validity of ApplicationCertificate
4.9 Experimental Setup
4.10 Malware Detection
4.11 Comparisons of Malware Detection Using Different Features Set
4.11.1 Malware Detection Using APIs
4.11.2 Malware Detection Using Permission Combinations
4.11.3 Malware Detection Using Intent Filters
4.11.4 Malware detection Using APIs+ Permission Combinations+Invalid Certificate+Presence of APK File in The Asset Folder
4.11.5 Malware Detection Using APIs+Intent-filters+Invalid Certificate+Presence ofAPK File in The Asset Folder
4.12 Comparisons of Malware Detection Using Different Features Set
4.13 Comparisons of Common Machine Learning Methods in Malware Detection
4.14 Comparison with Some Other Works in Literature
4.15 Limitations
4.16 Conclusion
Chapter 5 Android Malware Detection Using Autoencoder
5.1 Introduction
5.2 Android Malware Evolution
5.3 Background
5.4 Methodology
5.4.1 Apps De-compilation
5.4.2 Features Extraction
5.4.3 Feature Vector
5.4.4 Classification
5.5 Experimental Setup
5.6 Experimental Result
5.7 Comparisons of Malware Detection Using Different Features Set
5.7.1 Malware Detection Using API Calls
5.7.2 Malware Detection Using Permission Combinations
5.7.3 Malware Detection Using Intent Filters
5.7.4 Malware detection Using APIs+Permission Combinations+Invalid Certificate+Presence of APK File in The Asset Folder
5.7.5 Malware Detection Using APIs+Intent-filters+Invalid Certificate+Presence ofAPK File in The Asset Folder
5.8 Malware Detection Using Different Dataset Split
5.9 Comparing DNN Malware Detection with Autoencoder Malware Detection
5.10 Conclusion
Chapter 6 Conclusion
6.1 Conclusion
6.2 Future Work
References
Published Papers
About the author
【参考文献】:
期刊论文
[1]Droid Detector:Android Malware Characterization and Detection Using Deep Learning[J]. Zhenlong Yuan,Yongqiang Lu,Yibo Xue. Tsinghua Science and Technology. 2016(01)
本文编号:3030127
【文章来源】:华北电力大学(北京)北京市 211工程院校 教育部直属院校
【文章页数】:125 页
【学位级别】:博士
【文章目录】:
Abstract
摘要
Dedication
Acronyms and Abbreviations
Chapter 1 Introduction
1.1 Introduction
1.2 Problem Statement
1.3 Objectives and Scope
1.4 Contributions
1.5 Contents Structure
Chapter 2 Background on Android and Android Malware
2.1 Introduction
2.2 Android Operating System as an Open Source Project
2.2.1 HAL Interface DefinitionLanguage
2.2.2 Android Application Structure
2.2.3 Android Application Components
2.2.4 Android Runtime
2.3. Literature Review
2.3.1 Android Malware Detection Using Static Analysis
2.3.2 Android Malware Detection Using Dynamic Analysis
2.3.3 Android Malware Detection Using Hybrid Analysis
2.4 Android Malware Detection using Data Mining and Machine LearningTechniques
2.5 Conclusion
Chapter 3 Methodology
3.1 Introduction
3.2 Data Collection Phase
3.3 Application Unpackaging and Decompilation Phase
3.4 Feature Extraction Phase
3.5 Feature Vector Construction
3.6 Machine Learning and Deep Learning
3.6.1 Machine Learning
3.6.2 Machine Learning Methods
3.6.3 Deep Learning
3.6.4 Deep Learning Methods
3.6.5 Deep Learning Classifier
3.6.6 Machine Learning Classifiers
3.7 Classification
3.8 Conclusion
Chapter 4 Android Malware Detection Using Deep Neural Networks
4.1 Introduction
4.2 Android Security
4.2.1 General Android Security
4.2.2 Android Permissions Model
4.3 SELinux in Android
4.4 Android Malware
4.5 Application Signing
4.6 Android Security Threats
4.6.1 Application-Based Threats
4.6.2 Internet-Based Threats
4.6.3 Network Threats
4.6.4 Physical Threats
4.7 Android Malware Detection Techniques
4.7.1 Static Analysis
4.7.2 Dynamic Analysis
4.7.3 Hybrid Analysis
4.8 Feature Distribution Between Benign Applications and Malicious applications
4.8.1 Permission Combinations Between Benign Applications and MaliciousApplications
4.8.2 API calls Between Benign Applications and Malicious Applications
4.8.3 Intent Flters Between Benign Applications and Malicious Applications
4.8.4 Presence of APK File in Asset Folder and Checking Validity of ApplicationCertificate
4.9 Experimental Setup
4.10 Malware Detection
4.11 Comparisons of Malware Detection Using Different Features Set
4.11.1 Malware Detection Using APIs
4.11.2 Malware Detection Using Permission Combinations
4.11.3 Malware Detection Using Intent Filters
4.11.4 Malware detection Using APIs+ Permission Combinations+Invalid Certificate+Presence of APK File in The Asset Folder
4.11.5 Malware Detection Using APIs+Intent-filters+Invalid Certificate+Presence ofAPK File in The Asset Folder
4.12 Comparisons of Malware Detection Using Different Features Set
4.13 Comparisons of Common Machine Learning Methods in Malware Detection
4.14 Comparison with Some Other Works in Literature
4.15 Limitations
4.16 Conclusion
Chapter 5 Android Malware Detection Using Autoencoder
5.1 Introduction
5.2 Android Malware Evolution
5.3 Background
5.4 Methodology
5.4.1 Apps De-compilation
5.4.2 Features Extraction
5.4.3 Feature Vector
5.4.4 Classification
5.5 Experimental Setup
5.6 Experimental Result
5.7 Comparisons of Malware Detection Using Different Features Set
5.7.1 Malware Detection Using API Calls
5.7.2 Malware Detection Using Permission Combinations
5.7.3 Malware Detection Using Intent Filters
5.7.4 Malware detection Using APIs+Permission Combinations+Invalid Certificate+Presence of APK File in The Asset Folder
5.7.5 Malware Detection Using APIs+Intent-filters+Invalid Certificate+Presence ofAPK File in The Asset Folder
5.8 Malware Detection Using Different Dataset Split
5.9 Comparing DNN Malware Detection with Autoencoder Malware Detection
5.10 Conclusion
Chapter 6 Conclusion
6.1 Conclusion
6.2 Future Work
References
Published Papers
About the author
【参考文献】:
期刊论文
[1]Droid Detector:Android Malware Characterization and Detection Using Deep Learning[J]. Zhenlong Yuan,Yongqiang Lu,Yibo Xue. Tsinghua Science and Technology. 2016(01)
本文编号:3030127
本文链接:https://www.wllwen.com/kejilunwen/zidonghuakongzhilunwen/3030127.html
