To solve the problem that using a single feature cannot play the role of multiple features of Android application in malicious code detection, an Android malicious code detection mechanism is proposed based on integrated learning on the basis of dynamic and static detection. Considering three types of Android behavior characteristics, a three-layer hybrid algorithm was proposed. And it combined the malicious code detection based on digital signature to improve the detection efficiency. The digital signature of the known malicious code was extracted to form a malicious sample library. The authority that can reflect Android malicious behavior, API call and the running system call features were also extracted. An expandable hybrid discriminant algorithm was designed for the above three types of features. The algorithm was tested with machine learning method by constructing the optimal classifier suitable for the above features. Finally, the Android malicious code detection system was designed and implemented based on the multi-layer hybrid algorithm. The experimental results show that the system performs Android malicious code detection based on the combination of signature and dynamic and static features. Compared with other related work, the system has better performance in execution efficiency and detection rate.
展开▼
机译:The Thorax:A Integrated Approach Lee,2003年LeeD The Thorax:A Integrated Approach 2nd ed.2003 Diane G Lee Physiotherapist Corporation White Rocks,Canada0-9732363-0-2144 pp。