JOURNAL OF SHANDONG UNIVERSITY (ENGINEERING SCIENCE) ›› 2017, Vol. 47 ›› Issue (1): 42-47.doi: 10.6040/j.issn.1672-3961.1.2016.150

Previous Articles     Next Articles

Android malware detection based on SVM

ZHANG Yuling, YIN Chuanhuan*   

  1. School of Computer and Information Technology, Beijing Jiaotong University, Beijing 100044, China
  • Received:2016-03-31 Online:2017-02-20 Published:2016-03-31

PDF (PC)

1203

Abstract: In order to detect malware effectively and reduce the threat of malicious software on Android platform security, two strategies that were probability statistics embedding and feature extraction were proposed based on the analysis of existing data sets.These strategies were used to transform high-dimensional data into low-dimensional data so as to reduce the dimension and the uncertainty of the extracted features. Support vector machine were used to classify these data. With these strategies, the time complexity of training process was reduced to 16.7 percent of the original time, and the ability of detecting unknown malware families was improved obviously. Moreover, these strategies were used with some popular classification algorithms, and the experimental results revealed that these strategies could achieve a better detection rate.

Key words: Android malware, SVM, probability statistics, feature extraction, dimensionality reduction

CLC Number: 

  • TP391
[1] STRATEGY Analytics. Android captures record 88 percent share of globalsmartphone shipments in Q3 2016[EB/OL]. [2016-11-17]. https://www.strategyanalytics.com/strategy-analytics.
[2] MOBILE Security. 2014 Mobile Threat Report[EB/OL]. [2016-11-17]. https://www.lookout.com/resources/reports/mobile-threat-report.
[3] LI Jun. 360发布手机安全报告恶意程序去年增4倍[J]. 计算机与网络, 2015, 41(3):89-89. LIU J. 360 delivered Mobile Security Report: Malicious programs increased four times last year[J].Computer & Network, 2015, 41(3):89-89.
[4] 丰生强. Android 软件安全与逆向分析[M]. 北京:人民邮电出版社, 2013.
[5] BURGUERA I, ZURUTUZA U, NADJM-TEHRANI S. Crowdroid: behavior-based malware detection system for Android[C] //ACM Workshop on Security and Privacy in Smartphones and Mobile Devices. Chicago, Illinois, USA: ACM, 2011: 15-26.
[6] TAM K, KHAN S J, FATTORI A, et al. CopperDroid: Automatic reconstruction of Android malware behaviors[C] //Proceedings of the Symposium on Network and Distributed System Security. San Diego, CA, USA: NDSS, 2015.
[7] ENCK W, GILBERT P, HAN S, et al. TaintDroid: An information-flow tracking system for realtime privacy monitoring on smart phones[J]. ACM Transactions on Computer Systems, 2014, 32(2):393-407.
[8] ENCK W, ONGTANG M, MCDANIEL P. On lightweight mobile phone application certification[C] //Proceedings of the 16th ACM Conference on Computer and Communications Security. New York, USA: ACM, 2009: 235-245.
[9] FELT A P, CHIN E, HANNA S, et al. Android permissions demystified[C] //Proceedings of the 18th ACM Conference on Computer and Communications Security. New York, USA: ACM, 2011: 627-638.
[10] GRACE M, ZHOU Y, ZHANG Q, et al. RiskRanker: scalable and accurate zero-day Android malware detection[C] //Proceedings of the 10th International Conference on Mobile Systems, Applications, and Services. New York, USA: ACM, 2012: 281-294.
[11] YUAN Z, LU Y, WANG Z, et al. Droid-Sec: deep learning in android malware detection[C] //Proceedings of the 2014 ACM conference on SIGCOMM. New York, USA: ACM, 2014: 371-372.
[12] SHEEN S A, NITHA R, NATARAJAN V. Android based malware detection using a multifeature collaborative decision fusion approach[J]. Neurocomputing, 2015, 151:905-912.
[13] ARP D, PREITZENBARTH M S, HÜBNER M, et al. Drebin: effective and explainable detection of android malware in your pocket[C] //Proceedings of the Annual Symposium on Network and Distributed System Security. San Diego, CA, USA: NDSS, 2014.
[14] ZHOU Y, JIANG X. Dissecting Android malware: characterization and evolution[C] //IEEE Symposium on Security & Privacy. San Francisco, CA, USA: IEEE, 2012: 95-109.
[15] CORMEN T H. Introductionto Algorithms[M]. Massachusetts: MIT Press, 2009.
[16] BLOOM B H. Space/time tradeoffs in hash coding with allowable errors[J]. Communication of the ACM, 1970, 13(7):422-426.
[17] FAN R E, CHANG K W, HSIEH C J, et al. LIBLINEAR: A library for large linear classification[J]. Journal of Machine Learning research(JMLR), 2008, 9:1871-1874.
[18] CORTES C, VAPNIK V. Support-vector networks[J]. Machine Learning, 1995, 20(3):273-297.
[19] 吴倩,赵晨啸,郭莹.Android安全机制解析与应用实践[M].北京:机械工业出版社,2013.
[20] AVDIIENKO V, KUZNETSOV K, GORLA A, et al. Mining apps for abnormal usage of sensitive data[C] //2015 IEEE/ACM 37th IEEE International Conference on Software Engineering. Florence, Italy: IEEE, 2015,1: 426-436.
[21] CHANG C C, LIN C J. LIBSVM: a library for support vector machines[J]. ACM Transactions on Intelligent Systems and Technology, 2011, 2(3):1-27.
[1] Ying LI,Jiankun WANG. The classification of mild cognitive impairment based on supervised graph regularization and information fusion [J]. Journal of Shandong University(Engineering Science), 2023, 53(4): 65-73.
[2] Xiaoyan QI,Hengjie LIU,Qiuhua HOU,Xiaoyu LIU,Yanchao TAN,Liancheng WANG. Short-term load forecasting of iron and steel industry area based on combination model of SVM and LSTM [J]. Journal of Shandong University(Engineering Science), 2021, 51(4): 91-98.
[3] YIN Xiaomin, MENG Xiangjian, HOU Kunming, CHEN Yaxiao, GAO Feng. Correction method for historical output data of photovoltaic power plant considering spatial correlation based on artificial neural network [J]. Journal of Shandong University(Engineering Science), 2021, 51(4): 118-123.
[4] Chunhong CAO,Hongxuan DUAN,Ling CAO,Lele ZHANG,Kai HU,Fen XIAO. Real-time semantic segmentation of high-resolution remote sensing image based on multi-level feature cascade [J]. Journal of Shandong University(Engineering Science), 2021, 51(2): 19-25.
[5] SUN Donglei, WANG Yan, YU Yixiao, HAN Xueshan, YANG Ming, YAN Fangqing. Interval prediction of short-term regional photovoltaic power based on BP neural network [J]. Journal of Shandong University(Engineering Science), 2020, 50(5): 70-76.
[6] Jun FAN,Qiaolin YE,Ning YE. Face recognition based on improved prameter-free supervised localitypreserving projections [J]. Journal of Shandong University(Engineering Science), 2019, 49(1): 10-16.
[7] Yunyang YAN,Huizhen ZHANG,Yi′an LIU,Shangbing GAO. Video flame detection based on GMM and 3D-LBP feature [J]. Journal of Shandong University(Engineering Science), 2019, 49(1): 1-9.
[8] Guoxin WANG,Fengdong CHEN,Guodong LIU. Feature extraction method of color pseudo-random coded structured light [J]. Journal of Shandong University(Engineering Science), 2018, 48(5): 55-60.
[9] YE Ziyun, YANG Jinfeng. A finger-vein recognition method based on weighted graph model [J]. JOURNAL OF SHANDONG UNIVERSITY (ENGINEERING SCIENCE), 2018, 48(3): 103-109.
[10] QIAN Wenguang, LI Huimin. A similarity subspace embedding algorithm [J]. JOURNAL OF SHANDONG UNIVERSITY (ENGINEERING SCIENCE), 2018, 48(1): 8-14.
[11] ZHANG Zhenyue, LI Fei, JIANG Mingyan. Unsupervised face image feature extraction based on low-rank representation projection [J]. JOURNAL OF SHANDONG UNIVERSITY (ENGINEERING SCIENCE), 2018, 48(1): 15-20.
[12] LIU Yan, LI Youjun, CHEN Meng. Research on the classification of resting state EEG signal between depression patients and normal controls by EMD and SVM methods [J]. JOURNAL OF SHANDONG UNIVERSITY (ENGINEERING SCIENCE), 2017, 47(3): 21-26.
[13] YU Qingmin, LI Xiaolei, ZHAI Yong. Feature extraction method of rolling bearing inner ring in wind turbine based on improved EMD and feature box [J]. JOURNAL OF SHANDONG UNIVERSITY (ENGINEERING SCIENCE), 2017, 47(3): 89-95.
[14] GUO Chao, YANG Yan, JIANG Yongquan, SONG Yi. Condition recognition of high-speed train based on multi-view classification ensemble [J]. JOURNAL OF SHANDONG UNIVERSITY (ENGINEERING SCIENCE), 2017, 47(1): 7-14.
[15] ZHONG Zhiyan, WEN Zhiqiang, ZHANG Xiaoyun, YE Degang. Neighborhood similarity descriptor used in halftone image [J]. JOURNAL OF SHANDONG UNIVERSITY (ENGINEERING SCIENCE), 2016, 46(3): 58-64.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
[1] ZHANG Yong-hua,WANG An-ling,LIU Fu-ping . The reflected phase angle of low frequent inhomogeneous[J]. JOURNAL OF SHANDONG UNIVERSITY (ENGINEERING SCIENCE), 2006, 36(2): 22 -25 .
[2] KONG Xiang-zhen,LIU Yan-jun,WANG Yong,ZHAO Xiu-hua . Compensation and simulation for the deadband of the pneumatic proportional valve[J]. JOURNAL OF SHANDONG UNIVERSITY (ENGINEERING SCIENCE), 2006, 36(1): 99 -102 .
[3] LAI Xiang . The global domain of attraction for a kind of MKdV equations[J]. JOURNAL OF SHANDONG UNIVERSITY (ENGINEERING SCIENCE), 2006, 36(1): 87 -92 .
[4] YU Jia yuan1, TIAN Jin ting1, ZHU Qiang zhong2. Computational intelligence and its application in psychology[J]. JOURNAL OF SHANDONG UNIVERSITY (ENGINEERING SCIENCE), 2009, 39(1): 1 -5 .
[5] LI Liang, LUO Qiming, CHEN Enhong. Graph-based ranking model for object-level search
[J]. JOURNAL OF SHANDONG UNIVERSITY (ENGINEERING SCIENCE), 2009, 39(1): 15 -21 .
[6] CHEN Rui, LI Hongwei, TIAN Jing. The relationship between the number of magnetic poles and the bearing capacity of radial magnetic bearing[J]. JOURNAL OF SHANDONG UNIVERSITY (ENGINEERING SCIENCE), 2018, 48(2): 81 -85 .
[7] JI Tao,GAO Xu/sup>,SUN Tong-jing,XUE Yong-duan/sup>,XU Bing-yin/sup> . Characteristic analysis of fault generated traveling waves in 10 Kv automatic blocking and continuous power transmission lines[J]. JOURNAL OF SHANDONG UNIVERSITY (ENGINEERING SCIENCE), 2006, 36(2): 111 -116 .
[8] QIN Tong, SUN Fengrong*, WANG Limei, WANG Qinghao, LI Xincai. 3D surface reconstruction using the shape based interpolation guided by maximal discs[J]. JOURNAL OF SHANDONG UNIVERSITY (ENGINEERING SCIENCE), 2010, 40(3): 1 -5 .
[9] LIU Wen-liang, ZHU Wei-hong, CHEN Di, ZHANG Hong-quan. Detection and tracking of moving targets using the morphology match in radar images[J]. JOURNAL OF SHANDONG UNIVERSITY (ENGINEERING SCIENCE), 2010, 40(3): 31 -36 .
[10] Yue Khing Toh1, XIAO Wendong2, XIE Lihua1. Wireless sensor network for distributed target tracking: practices via real test bed development[J]. JOURNAL OF SHANDONG UNIVERSITY (ENGINEERING SCIENCE), 2009, 39(1): 50 -56 .
Copyright 2018 © Editorial office of Journal of Shandong University (Engineering Science)
Supported by Beijing Magtech Co.Ltd