摘要
为了对安卓(Android)恶意应用程序进行检测,对其危险程度进行量化,并满足大批量样本的安全审计需求,提出一种基于权限的Android应用安全审计方法.使用数据挖掘方法分析权限信息,依据支持度和分离度构建评价指标集;基于改进的优序图法确定评价指标权重,建立权重矩阵;依据权重矩阵对安卓应用程序进行评估,通过逻辑回归方法检出恶意应用,并给出量化的评估值.使用抓取自网络的真实样本进行实验,结果表明可以有效检测恶意应用,评估值也能直观地反映应用的危险程度,对恶意应用和正常应用分类的准确度达到92.7%,与现有相关工作相比效率表现更优.
A permission-based application security evaluation method was proposed to detect Android malware and quantify applications security risk for large scale samples.A data mining algorithm was designed to discover permission itemsets as evaluation indices according to their support and divisive value.An improved precedence chart was used to determine the indices weights,which were embedded into an evaluation matrix.Android applications were evaluated based on the evaluation matrix;malwares were detected by logistic regression;security risks were evaluated by a certain value.Experiments with real sample applications show that this method performs high accuracy on malware detection up to 92.7% and lower time cost than current methods.
出处
《浙江大学学报(工学版)》
EI
CAS
CSCD
北大核心
2017年第3期590-597,共8页
Journal of Zhejiang University:Engineering Science
基金
国家科技支撑计划资助项目(2012BAH47B01)
国家自然科学基金资助项目(61271252)
关键词
安卓
权限
恶意程序
静态分析
移动安全
Android
permission
malware
static analysis
mobile security
