检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:张福良 梁意文[1] 谭成予[1] ZHANG Fuliang;LIANG Yiwen;TAN Chengyu(School of Computer Science,Wuhan University,Wuhan 430072,China)
出 处:《计算机工程与应用》2021年第6期74-80,共7页Computer Engineering and Applications
基 金:国家自然科学基金(61877045)。
摘 要:针对现有Android恶意软件检测方法中存在的特征分析单一和固定化、对未知和潜伏性强的恶意软件检测能力弱等问题,构建一种Android恶意软件的人工自然杀伤细胞(Natural Killer cell,NK)检测模型。对人工自然杀伤细胞模型和树突状细胞算法(Dendritic Cell Algorithm,DCA)进行了研究,结合软件静态权限申请特征和动态API调用特征,经数据预处理后形成模型的各类输入信号。人工NK细胞输出刺激因子与DCA危险信号融合,提高了DCA的危险信号显著性,优化了DCA的检测过程。实验包含从VirusTotal等数据集选取的多种分类恶意软件样本1150个,良性软件样本1093个。实验结果表明与DCA和K-means等检测方法相比人工NK细胞检测模型提高了准确率并且降低了误报率。Aiming at the problems of single and immobilized characteristics in the existing detection methods of Android malware and weak detection ability against unknown and latent malware,a Natural Killer cell(NK)detection model of Android malware is constructed.The artificial natural killer cell model and Dendritic Cell Algorithm(DCA)are studied.Combining the characteristics of software static permission application and dynamic API call,various input signals of the model are formed after data preprocessing.The artificial NK cell output stimulating factor is fused with DCA danger signal,which improves the significance of DCA danger signal and optimizes the detection process of DCA.The experiment included 1,150 samples of various classified malware from VirusTotal and other data sets,and 1,093 samples of benign software.The experimental results show that compared with DCA and k-means,the detection model of artificial NK cells improves the accuracy and reduces the rate of false positives.
关 键 词:人工自然杀伤细胞模型 树突状细胞算法(DCA) 恶意软件
分 类 号:TP301.6[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:3.148.233.130