API CALL GRAPH EXTRACTION-BASED METHOD FOR DETECTING MALICIOUS BEHAVIOR PATTERNS IN MOBILE APPLICATION, AND RECORDING MEDIUM AND DEVICE FOR PERFORMING SAME

摘要

An API call graph (ACG) extraction-based method for detecting malicious behavior patterns in a mobile application comprises the steps of: extracting an ACG, which is a call flow of APIs, from normal applications and applications conducting malicious behavior; generating a training dataset for deep learning from the extracted ACG and vectorizing the training dataset; training on the vectorized training dataset to generate a deep learning algorithm prediction model; extracting ACG features used for malicious behavior from the generated prediction model, and extracting malicious behavior patterns from the intersection between the malicious applications; and classifying applications conducting malicious behavior through similarity comparisons between the extracted malicious behavior patterns and a pattern extracted from a target application. Accordingly, the malicious behavior itself can be detected using the ACG that is the call flow of the API.