Android Malware Classification Approach Based on Host-Level Encrypted Traffic Shaping

机译：基于主机级加密流量整形的Android恶意软件分类方法

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

With the development of mobile terminals, smartphones have attracted a very huge number of users with their powerful functions. Among them, Android system is famous for its open-source and convenience, which occupies a large market share. But this also leads many attackers to use their malware to gain benefits quickly, which make it necessary to design a practical android malware detection approach. At present, there are not many pieces of research on detecting malware by analyzing Android malicious traffic. This paper examines the characteristics of malicious traffic on the host computer to construct a traffic fingerprint. It combines machine learning algorithms to build a practical detection approach which is also suitable for encrypted traffic. To distinguish similar fuzzy traffic, an additional layer named confusion classifier is added to help further malware classification. This paper uses a realworld dataset called CICAndMal2017 and simulates two classification scenarios: malware binary detection and malware category classification. The experimental results show that the accuracy of the malware binary detection reached 98.8% while the accuracy rate of malware category classification is 95.2%.

机译：随着移动终端的发展，智能手机吸引了具有强大功能的非常大量的用户。其中，Android系统以其开源和便利而闻名，占据了大量的市场份额。但这也导致许多攻击者使用恶意软件快速获得福利，这使得有必要设计一个实用的Android恶意软件检测方法。目前，通过分析Android恶意流量，没有许多关于检测恶意软件的研究。本文介绍了主机上的恶意流量的特征，以构建流量指纹。它结合了机器学习算法来构建一种实用的检测方法，该方法也适用于加密流量。为了区分类似的模糊流量，添加了一个名为Conumivion Classifier的附加层以帮助进一步恶意软件分类。本文使用名为Cicandmal2017的RealWorld数据集，并模拟两个分类方案：恶意软件二进制检测和恶意软件类别分类。实验结果表明，恶意软件二进制检测的准确性达到98.8％，而恶意软件类别分类的准确率为95.2％。

著录项

来源
《International Computer Conference on Wavelet Active Media Technology and Information Processing》|2020年|246-249|共4页
会议地点
作者
Jie Zhou; Weina Niu; Xiaosong Zhang; Yujie Peng; Hao Wu; Teng Hu;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Malware; Feature extraction; Telecommunication traffic; Smart phones; Cryptography; Ransomware; Monitoring;

机译：恶意软件;特征提取;电信交通;智能手机;加密;赎金软件;监控;

相似文献

外文文献
中文文献
专利

1. Machine Learning for Encrypted Malware Traffic Classification: Accounting for Noisy Labels and Non-Stationarity [J] . Blake Anderson, David McGrew SIGKDD explorations . 2017,第CDaROM期

机译：加密恶意软件流量分类的机器学习：嘈杂标签和非实用性的会计
2. Enhanced Android Malware Detection and Family Classification, using Conversation-level Network Traffic Features [J] . Abuthawabeh Mohammad, Mahmoud Khaled The international arab journal of information technology . 2020,第4A期

机译：增强了Android恶意软件检测和家庭分类，使用对话级网络流量功能
3. ENTROPY-BASED FEATURE EXTRACTION ALGORITHM FOR ENCRYPTED AND NON-ENCRYPTED COMPRESSED TRAFFIC CLASSIFICATION [J] . ZHENGZHI TANG, XUEWEN ZENG, YIQIANG SHENG International Journal of Innovative Computing Information and Control . 2019,第3期

机译：基于熵的加密和非加密压缩流量分类的特征提取算法
4. Android Malware Detection and Classification Based on Network Traffic Using Deep Learning [C] . Mahshid Gohari, Sattar Hashemi, Lida Abdi International Conference on Web Research . 2021

机译：基于网络流量的Android恶意软件检测和使用深度学习
5. A systematic approach to feature selection for encrypted network traffic classification. [D] . Semeniuk, Trevor John. 2013

机译：一种用于加密网络流量分类的特征选择的系统方法。
6. OpCode-Level Function Call Graph Based Android Malware Classification Using Deep Learning [O] . Weina Niu, Rong Cao, Xiaosong Zhang, 2020

机译：操作系统级别函数呼叫图基于Android恶意软件分类使用深度学习
7. Flow-based Detection and Proxy-based Evasion of Encrypted Malware C2 Traffic [O] . Carlos Novo, Ricardo Morla 2020

机译：基于流的检测和基于代理的加密恶意软件C2流量的逃避

Android Malware Classification Approach Based on Host-Level Encrypted Traffic Shaping

摘要

著录项

相似文献

相关主题

期刊订阅