基于深度学习的Android恶意软件动态检测  被引量:1

Android malware dynamic detection method based on deep learning

在线阅读下载全文

作  者:张雪芹[1] 王逸璇 赵敏[1] ZHANG Xue-qin;WANG Yi-xuan;ZHAO Min(School of Information Science and Engineering,East China University of Science and Technology,Shanghai 200237,China)

机构地区:[1]华东理工大学信息科学与工程学院,上海200237

出  处:《计算机工程与设计》2024年第1期10-16,共7页Computer Engineering and Design

基  金:国家自然科学基金项目(51975213)。

摘  要:为提高Android恶意软件的检测精度,提出一种基于改进DenseNet网络的Android恶意软件动态检测方法。以应用软件运行特定阶段的网络通信流量为分析对象,根据会话五元组信息切分原始网络流量并转换为灰度图,提出一种基于DenseNet网络改进的分类检测网络DenseNet_IS。通过添加具有不同大小卷积核的卷积分支获取不同感受野的特征,通过引入SimAM注意力模块,从空间和通道两个维度实现对重要特征的关注。结合应用软件判决机制,实现最终分类。在CICAndMal2017数据集上的实验结果表明,所提方法可以达到99.06%的良恶性检测精度和96.51%的多分类精度,验证了该方法的有效性。To improve the detection accuracy of Android malware,a dynamic detection method of Android malware based on improved DenseNet network was proposed.Taking the network traffic in the specific stage of application software operation as the analysis object,according to the five tuple information of session,the original network traffic was segmented and converted into gray image,and an improved classification detection network DenseNet_IS based on DenseNet was proposed.The features of different receptive fields were obtained by adding convolution branches with different sizes of convolution kernels.The attention to important features was realized from the two dimensions of space and channel by introducing SimAM attention module.Combining with the decision mechanism of application software,the final classification was realized.Experimental results on CICAndMal2017 dataset show that the accuracy of the proposed method can achieve 99.06%on binary classification and 96.51%on multi-classification,which verifies the effectiveness of the method.

关 键 词:ANDROID系统 恶意软件 异常检测 网络流量 DenseNet 注意力机制 流量灰度图 

分 类 号:TP399[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象