Article: 2020, Vol. 38, Issue 5: 965-970
Cite this article:
GUAN Jun, LIU Huiying, MAO Baolei, JIANG Xu. Android Malware Detection Based on API Pairing[J]. Journal of Northwestern Polytechnical University

Android Malware Detection Based on API Pairing
GUAN Jun¹, LIU Huiying¹, MAO Baolei¹,², JIANG Xu¹
1. School of Automation, Northwestern Polytechnical University, Xi'an 710072, China;
2. Zhengzhou University, Zhengzhou 450000, China
Abstract:
To address the problem that permission-based detection of Android applications is too coarse-grained, a malware detection method based on sensitive application program interface (API) pairing is proposed. The method decompiles the application to extract the sensitive APIs corresponding to dangerous permissions, and pairs those sensitive APIs to construct one undirected graph for malicious applications and one for benign applications. According to the importance of the sensitive APIs in malicious and benign applications, the same edge is assigned a different weight in each of the two graphs, and these weights are used to detect Android malicious applications. Experimental results show that the proposed method can effectively detect Android malicious applications and has practical significance.
Key words: Android; permission; application program interface (API); malware detection
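A minimal sketch of the pairing idea described in the abstract, added here as an illustration and not the authors' implementation. The edge weight (fraction of a class's apps that contain both APIs), the mean-weight score, the tie rule, and the sample API sets are assumptions; the abstract does not state the paper's weighting formula.

```python
from collections import Counter
from itertools import combinations

def api_pairs(apis):
    """All unordered pairs of sensitive APIs in one app (edges of its graph)."""
    return {frozenset(p) for p in combinations(sorted(set(apis)), 2)}

def build_graph(apps):
    """Weighted undirected graph for one class: edge -> fraction of apps with it.
    Assumed weighting; the abstract does not give the formula."""
    counts = Counter(edge for apis in apps for edge in api_pairs(apis))
    return {edge: n / len(apps) for edge, n in counts.items()}

def score(apis, graph):
    """Mean weight of the app's edges in a class graph (unseen edges weigh 0)."""
    edges = api_pairs(apis)
    if not edges:
        return 0.0  # fewer than two sensitive APIs: no pair evidence
    return sum(graph.get(e, 0.0) for e in edges) / len(edges)

def classify(apis, mal_graph, ben_graph):
    """Compare the same edges under both graphs; ties fall back to benign."""
    m, b = score(apis, mal_graph), score(apis, ben_graph)
    return ("malicious" if m > b else "benign"), m, b

# Constructed training sets: sensitive APIs already extracted per decompiled app.
MALICIOUS = [
    {"sendTextMessage", "getDeviceId", "getLine1Number"},
    {"sendTextMessage", "getDeviceId", "getLastKnownLocation"},
    {"sendTextMessage", "getLine1Number", "ContentResolver.query"},
]
BENIGN = [
    {"getLastKnownLocation", "Camera.open"},
    {"getLastKnownLocation", "getDeviceId"},
    {"Camera.open", "AudioRecord.startRecording", "getLastKnownLocation"},
]
MAL_GRAPH, BEN_GRAPH = build_graph(MALICIOUS), build_graph(BENIGN)

if __name__ == "__main__":
    for sample in ({"sendTextMessage", "getDeviceId"},
                   {"Camera.open", "getLastKnownLocation"},
                   {"getDeviceId"}):
        print(sorted(sample), classify(sample, MAL_GRAPH, BEN_GRAPH))
```

The single-API sample shows why pairing is finer-grained than a per-permission check: `getDeviceId` alone yields no edge and no verdict, while its pairing with `sendTextMessage` carries weight only in the malicious graph.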
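Received: 2019-12-28
DOI: 10.1051/jnwpu/20203850965
Funding: Supported by the Key Scientific Research Project of Colleges and Universities of Henan Province (21A520041)
About the author: GUAN Jun (born 1983), PhD candidate at Northwestern Polytechnical University, working mainly on information security research.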