DroidChain: A novel Android malware detection method based on behavior chains

Wang Zhaoguo; Li Chenglong; Yuan Zhenlong; Guan Yi; Xue Yibo

首页> 外文期刊>Pervasive and Mobile Computing >DroidChain: A novel Android malware detection method based on behavior chains

【24h】

DroidChain: A novel Android malware detection method based on behavior chains

机译：DroidChain：一种基于行为链的新型Android恶意软件检测方法

获取原文

获取原文并翻译 | 示例

掌桥外文数据库（机构版） >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

The drastic increase of Android malware has led to strong interest in automating malware analysis. In this paper, to fight against malware variants and zero-day malware, we proposed DroidChain: a method combining static analysis and a behavior chain model. We transform the malware detection problem into more accessible matrix form. Using this method, we propose four kinds of malware models, including privacy leakage, SMS financial charges, malware installation, and privilege escalation. To reduce time complexity, we propose the WxShall-extend algorithm. We had moved the prototype to GitHub and evaluate using 1260 malware samples. Experimental malware detection results demonstrate accuracy, precision, and recall of 73%-93%, 71%-99%, and 42%-92%, respectively. Calculation time accounts for 6.58% of the well-known Warshall algorithm's expense. Results demonstrate that our method, which can detect four kinds of malware simultaneously, is better than Androguard and Kirin. (C) 2016 Elsevier B.V. All rights reserved.

机译：Android恶意软件的激增引起了人们对自动化恶意软件分析的强烈兴趣。在本文中，为了对抗恶意软件变体和零时差恶意软件，我们提出了DroidChain：一种将静态分析和行为链模型相结合的方法。我们将恶意软件检测问题转换为更易于访问的矩阵形式。使用这种方法，我们提出了四种恶意软件模型，包括隐私泄露，SMS财务费用，恶意软件安装和特权升级。为了减少时间复杂度，我们提出了WxShall-extend算法。我们已将原型移至GitHub，并使用1260个恶意软件样本进行了评估。实验性恶意软件检测结果表明，准确性，准确性和召回率分别为73％-93％，71％-99％和42％-92％。计算时间占著名的Warshall算法费用的6.58％。结果表明，我们的方法可以同时检测四种恶意软件，优于Androguard和Kirin。（C）2016 Elsevier B.V.保留所有权利。

著录项

来源
《Pervasive and Mobile Computing》 |2016年第null期|共12页
作者
Wang Zhaoguo; Li Chenglong; Yuan Zhenlong; Guan Yi; Xue Yibo;
展开▼
作者单位

展开▼
收录信息
原文格式 PDF
正文语种 eng
中图分类计算技术、计算机技术;
关键词
Android malware; Behavior chain; Privacy leakage; SMS financial charge; Malware installation; Privilege escalation;

机译：Android恶意软件;行为链;隐私泄漏;SMS财务费用;恶意软件安装;特权升级;

相似文献

外文文献
中文文献
专利

1. DroidChain: A novel Android malware detection method based on behavior chains [J] . Wang Zhaoguo, Li Chenglong, Yuan Zhenlong, Pervasive and Mobile Computing . 2016,第Null期

机译：DroidChain：一种基于行为链的新型Android恶意软件检测方法
2. M0Droid: An Android Behavioral-Based Malware Detection Model [J] . Mohsen Damshenas, Ali Dehghantanha, Kim-Kwang Raymond Choo, Journal of information privacy & security: JIPS . 2015,第3期

机译：M0Droid：基于Android行为的恶意软件检测模型
3. MaMaDroid: Detecting Android Malware by Building Markov Chains of Behavioral Models (Extended Version) [J] . Onwuzurike Lucky, Mariconti Enrico, Andriotis Panagiotis, ACM Transaction on Information and System Security . 2019,第2期

机译：MaMaDroid：通过构建行为模型的马尔可夫链来检测Android恶意软件（扩展版）
4. DroidChain: A novel malware detection method for Android based on behavior chain [C] . Zhaoguo Wang, Chenglong Li, Yi Guan, 2015 IEEE Conference on Communications and Network Security . 2015

机译：DroidChain：一种基于行为链的新型Android恶意软件检测方法
5. Android Malware Detection Using Step-Size Based Multilayered Vector Space Models [D] . Parker, Colby 2018

机译：使用基于步长的多层向量空间模型进行Android恶意软件检测
6. Detecting and classifying method based on similarity matching of Android malware behavior with profile [O] . Jae-wook Jang, Jaesung Yun, Aziz Mohaisen, -1

机译：基于Android恶意软件行为与配置文件相似度匹配的检测分类方法
7. An Efficient Android Malware Detection System Based on Method-Level Behavioral Semantic Analysis [O] . Hanqing Zhang, Senlin Luo, Yifei Zhang, 2019

机译：基于方法级行为语义分析的高效Android恶意软件检测系统

DroidChain: A novel Android malware detection method based on behavior chains

摘要

著录项

相似文献

相关主题

期刊订阅