
SaaS: A situational awareness and analysis system for massive android malware detection


Abstract

A large number of mobile applications (Apps) are uploaded, distributed and updated in various Android markets, e.g., Google Play and Huawei AppGallery, every day. One of the ongoing challenges in the daily security management of Android App markets is to detect malicious Apps (also known as malware) among those massive newcomers accurately and efficiently. Customers rely on those detection results when selecting Apps to download, and undetected malware may result in great damage. In this paper, we propose a cloud-based malware detection system called SaaS by leveraging and marrying multiple approaches from diverse domains such as natural language processing (n-gram), image processing (GLCM), cryptography (fuzzy hash), machine learning (random forest) and complex networks. We first extract n-gram features and GLCM features from an App's smali code and DEX file, respectively. We next feed those features into a training data set to create a machine learning detection model. The model is further enhanced by fuzzy hash to detect whether an inspected App is repackaged or not. Extensive experiments (involving 1495 samples) demonstrate that the detection accuracy is more than 98.5% and that the system supports large-scale detection and monitoring. Besides, our proposed system can be deployed as a service in clouds, and customers can access cloud services on demand. (C) 2018 Elsevier B.V. All rights reserved.

Bibliographic details

  • Source
    Future generation computer systems | 2019, Issue 6 | pp. 548-559 | 12 pages
  • Author affiliations

    China Univ Geosci Sch Comp Sci Wuhan Hubei Peoples R China;

    China Univ Geosci Sch Comp Sci Wuhan Hubei Peoples R China|China Univ Geosci Wuhan Hubei Key Lab Intelligent Geoinformat Proc Wuhan Hubei Peoples R China|GuiZhou Univ Guizhou Prov Key Lab Publ Big Data Guiyang Guizhou Peoples R China;

    China Univ Geosci Sch Comp Sci Wuhan Hubei Peoples R China|Univ Technol Sydney Sch Software Ultimo NSW 2007 Australia;

    Univ East Anglia Sch Comp Sci Norwich Norfolk England;

  • Indexed in: Science Citation Index (SCI, USA); Engineering Index (EI, USA);
  • Original format: PDF
  • Text language: eng
  • Chinese Library Classification
  • Keywords

    N-GRAM; Machine learning; Fuzzy hash; GLCM; Cloud;

