Android malware flooding is based on the characteristics of its openness,existing solutions are based on static or dynamic unilateral features,discriminant algorithm depends more on learning samples,and the accuracy rate has some restrictions.In order to solve these problems,this paper proposed a computer immune malware detection model which combines the static privilege characteristics and dynamic behavior characteristics of Android software.Combining the characteristics of static privilege and dynamic behavior,the characteristic system of Android software was constructed.After pretreatment,it was mapped to DCA.The software was detected by using the lightweight algorithm DCA without sample learning.The experiment proved that the model could effectively detect malicious software.%安卓系统因其开放性的特点导致恶意软件泛滥,现有方法多考虑静态或动态单方面特征,判别算法多依赖于学习样本,且准确率有一定的限制.为解决上述问题,提出结合安卓软件的静态权限特征与动态行为特征的计算机免疫恶意软件检测模型.结合静态权限特征与动态行为特征,构建安卓软件的特征体系,经预处理后映射为树突状细胞算法DCA(Dendritic Cell Algorithm)的各类信号,使用无需样本学习的轻量级算法DCA进行恶意软件检测.实验证明该模型可以有效检测恶意软件.
展开▼
