检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]数学工程与先进计算国家重点实验室,河南郑州450001
出 处:《浙江大学学报(工学版)》2017年第3期590-597,共8页Journal of Zhejiang University:Engineering Science
基 金:国家科技支撑计划资助项目(2012BAH47B01);国家自然科学基金资助项目(61271252)
摘 要:为了对安卓(Android)恶意应用程序进行检测,对其危险程度进行量化,并满足大批量样本的安全审计需求,提出一种基于权限的Android应用安全审计方法.使用数据挖掘方法分析权限信息,依据支持度和分离度构建评价指标集;基于改进的优序图法确定评价指标权重,建立权重矩阵;依据权重矩阵对安卓应用程序进行评估,通过逻辑回归方法检出恶意应用,并给出量化的评估值.使用抓取自网络的真实样本进行实验,结果表明可以有效检测恶意应用,评估值也能直观地反映应用的危险程度,对恶意应用和正常应用分类的准确度达到92.7%,与现有相关工作相比效率表现更优.A permission-based application security evaluation method was proposed to detect Android malware and quantify applications security risk for large scale samples.A data mining algorithm was designed to discover permission itemsets as evaluation indices according to their support and divisive value.An improved precedence chart was used to determine the indices weights,which were embedded into an evaluation matrix.Android applications were evaluated based on the evaluation matrix;malwares were detected by logistic regression;security risks were evaluated by a certain value.Experiments with real sample applications show that this method performs high accuracy on malware detection up to 92.7% and lower time cost than current methods.
分 类 号:TP393[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.3