计算机工程 ›› 2020, Vol. 46 ›› Issue (11): 174-180.doi: 10.19678/j.issn.1000-3428.0056277

• 网络空间安全 • 上一篇    下一篇

基于特征加权的深度学习Android恶意检测系统研究

葛文麒a, 杨清a, 廖俊国a, 何羽轩b   

  1. 湖南科技大学 a. 计算机科学与工程学院;b. 潇湘学院 计算机系, 湖南 湘潭 411201
  • 收稿日期:2019-10-14 修回日期:2019-12-10 发布日期:2019-12-19
  • 作者简介:葛文麒(1992-),男,硕士研究生,主研方向为移动网络安全;杨清、廖俊国,教授、博士;何羽轩,本科生。
  • 基金项目:
    国家自然科学基金(61772194)。

Research on Android Malware Detection System Using Deep Learning Based on Feature Weighting

GE Wenqia, YANG Qinga, LIAO Junguoa, HE Yuxuanb   

  1. a. School of Computer Science and Engineering;b. Department of Computer, Xiaoxiang College, Hunan University of Science and Technology, Xiangtan, Hunan 411201, China
  • Received:2019-10-14 Revised:2019-12-10 Published:2019-12-19

摘要: 当前Android系统恶意应用程序数量增长迅猛,然而传统检测系统无法对其进行快速有效检测,移动终端安全性面临严重威胁。提出一种将特征加权与双向长短期记忆(Bi-LSTM)神经网络深度学习算法相结合的恶意检测系统。采用静态分析方法从恶意与良性应用程序中提取不同类型行为特征,利用特征加权方法消除噪声与不相关因素后构建特征向量,使用Bi-LSTM深度学习算法优化行为特征参数,并设计恶意与良性应用程序分类模型,建立特征加权与深度学习算法相结合的恶意应用程序检测系统。实验结果表明,与支持向量机、RNN等传统检测系统相比,该系统对恶意应用程序具有较高的检测精度与准确率。

关键词: Android系统, 恶意应用, 特征加权, 深度学习, 双向长短期记忆神经网络

Abstract: At present the rapidly growing malicious applications in Android systems have imposed significant threats to the security of mobile terminals,but the traditional detection systems fail to detect them quickly and effectively.To address the problem,this paper proposes a malware detection system which combines feature weighting with the deep learning algorithm using Bidirectional Long Short-Term Memory (Bi-LSTM) neural network.The static analysis method is used to extract different types of behavior features from malicious and normal applications.The feature weighting method is used to eliminate noise and irrelevant factors to construct feature vectors.The Bi-LSTM-based deep learning algorithm is used to optimize the behavior feature parameters.Then a classification model for malicious and normal applications is designed,and on this basis a detection system for malicious applications combining feature weighting and the deep learning algorithm is constructed.Experimental results show that compared with traditional detection systems such as Support Vector Machine(SVM) and RNN,the proposed system has higher precision and accuracy in malicious application detection.

Key words: Android system, malware application, feature weighting, deep learning, Bidirectional Long Short-Term Memory(Bi-LSTM) neural network

中图分类号: