基于增量学习SVM的Android恶意应用检测方法  

Android Malware Detection Method Based on Incremental Learning with Support Vector Machine

在线阅读下载全文

作  者:熊祖涛[1] 

机构地区:[1]安庆职业技术学院电子信息系,安徽安庆246003

出  处:《嘉应学院学报》2016年第5期16-20,共5页Journal of Jiaying University

基  金:安徽省高校质量工程项目(2015jxtd074);安徽省高校质量工程项目(2015zy104)

摘  要:针对传统Android恶意应用检测方法在处理大规模样本时存在的训练时间长、存储空间消耗大的问题,提出一种基于增量学习SVM的Android恶意应用检测方法.该方法提取Android应用的权限申请和API函数调用特征,利用增量学习SVM理论将训练样本集随机划分为初始样本集和若干个增量样本集,利用循环迭代方法训练SVM分类器,每次新的训练仅保留上一轮训练得到的支持向量集并合并到新增样本集中,舍弃大量对分类结果不产生影响的样本以提高分类器学习效率,同时产生新的支持向量集,并最终得到一个高精度的SVM分类器.通过将增量学习SVM算法与基本SVM算法进行对比实验,结果表明,该算法可以有效降低分类器学习时间,减少样本存储的空间占用,同时随着样本规模的积累逐步提高分类精度.Aiming at the problem of consumption of the traditional Android detection method for malicious applications in dealing with large scale samples of long training time and storage space,and proposes a malicious application of detection methods for incremental learning based on Android SVM. The extraction method of Android application and API application permissions function call feature. Incremental learning SVM theory of training samples were randomly divided into initial sample set and a number of incremental samples. Each new training only retained the support vector on a training set and merged into a new sample of a lot of concentration. Abandonma the classification results does not affect the sample to improve the classifier learning efficiency,while generating new support vector sets help finally obtain a high precision SVM classifier. The incremental learning algorithm SVM algorithm and the SVM algorithm were compared. The results show that the algorithm can effectively reduce the learning time,reduce the sample storage space,at the same time as the sample size accumulated gradually increase the classification accuracy.

关 键 词:增量学习 SVM ANDROID 恶意应用检测 

分 类 号:TP309[自动化与计算机技术—计算机系统结构]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象