期刊
CLUSTER COMPUTING-THE JOURNAL OF NETWORKS SOFTWARE TOOLS AND APPLICATIONS
卷 22, 期 -, 页码 13337-13350出版社
SPRINGER
DOI: 10.1007/s10586-018-1904-x
关键词
Android required permission; Android used permission; Malware detection; Permission pattern; Contrasting mining
资金
- National Natural Science Foundation of China [61402185]
- Science Foundation of Guangdong Provincial Communications Department [2015-02-064]
- Natural Science Foundation of Guangdong Province [2015A030313382]
- Guangdong Provincial Public Research and Capacity Building Foundation [2015A020217011, 2016A020223012]
- STPF of University in Shandong Province of China [J17KA161]
- South China Normal University-Bluedon Information Security Technologies Co., Ltd [LD20170201]
Android system uses a permission mechanism to allow users and developers to regulate access to private information and system resources required by Android applications (apps). Permissions can be behaviors and characteristics of an app, and widely used by Android malware detection. This paper designs a novel method to extract contrasting permission patterns for comparing the differences between Android benign apps and malware based on permissions, and use these differences to detect Android malware. Unlike existing works, this work first analyzes required and used permission. Then use support-based permission candidate method to mining unique required or used permission patterns, and use these patterns to detect Android malware. In experiment, this approach uses permission patterns from Androidmalware to detect a mixed Android app dataset. The results show that the proposed method can achieve 94% accuracy, 5% false positive, and 1% false negative.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据
分享论文
