Patent
Android malicious application family classification method and device and electronic equipment
Liu Chao,Yu Min,Song Li,Jianguo Jiang,Weiqing Huang,Zhu Dali +5 more
- 31 May 2019
1
TL;DR: In this article, an Android malicious application family classification method, device and electronic equipment are presented. The method comprises the following steps: preprocessing the APK file of an Android malware application to obtain the smali file corresponding to the APK; counting the different method blocks that contain sensitive elements; uniformly expressing the Opcode with a formalized operation code to generate a sensitive operation code sequence; generating a text feature vector; and classifying the Android malicious applications.
Abstract: The embodiment of the invention provides an Android malicious application family classification method, device and electronic equipment. The method comprises the following steps: preprocessing the APK file of an Android malicious application to obtain the smali file corresponding to the APK file; based on the smali file, counting the different method blocks that contain sensitive elements and, based on the semantic information of the Opcode, uniformly expressing the Opcode with a formalized operation code to generate a sensitive operation code sequence; and, based on the sensitive operation code sequence, generating a text feature vector and, based on the text feature vector, classifying the Android malicious applications. According to the embodiment of the invention, the behavior of the malicious application can be depicted more accurately, so that the classification precision for malicious applications is improved more effectively.
Citations
Patent
Malicious code family identification method and device
Ying Lingyun,Nie Meining,Lu Shuqiang +2 more
- 05 Nov 2019
TL;DR: In this article, a malicious code family identification method and device are presented. The method comprises the following steps: obtaining a target malicious code and extracting the dynamic behavior data of the target malicious code; inputting the dynamic behavior data into a malicious code family classification model; and identifying the family to which the target code belongs, wherein the malicious code classification model is generated by training on dynamic behavior samples of different families using a machine learning algorithm.
References
Patent
Dalvik instruction abstraction-based Android malicious code detection method
Chen Tieming,Yang Yimin +1 more
- 09 Nov 2016
TL;DR: In this paper, a Dalvik instruction abstraction-based Android malicious code detection method is presented. It comprises the following steps for detecting malicious code and training a classification model: extracting the Dalvik operation codes from a smali file; performing abstraction and simplification to obtain instruction symbols; performing statistics and normalization processing on the N-Gram sequence characteristics of the abstracted Dalvik instructions; and finally establishing a malicious code detection model and a malicious family classification model by adopting a machine learning-based classification algorithm.
16
Patent
Endian-mode-independent memory access in a bi-endian-mode processor architecture
Michael K. Gschwind,Brett Olsson +1 more
- 29 May 2015
TL;DR: In this paper, the vector instruction is determined to be a memory access instruction specifying the vector register and a memory address, and the processor executes the instruction by copying the byte data between the memory and the vector register so that byte element n of the vector register corresponds to memory address + n for n = 0 to S.
15
Patent
Android malicious code detection system and method based on Opcode backtracking
Yuan Haitao,Pan Xuanchen,Xiao Xinguang +2 more
- 02 Jul 2014
TL;DR: In this paper, an Android malicious code detection system and method based on Opcode backtracking is presented. However, the method is limited to Android and is not suitable for Java.
5
Patent
Android malicious software recognition method based on RGB image mapping
Qian Quan,Zhao Yongliang +1 more
- 13 Jul 2018
TL;DR: In this paper, an Android malicious software recognition method based on RGB image mapping is presented. It comprises the steps of collecting malicious program sets M to form a sample database; mapping the called operation codes, sensitive APIs and high-risk API characteristics to obtain a color graph; learning the characteristic images through deep learning to obtain the best classification model; and generating a characteristic color graph for a program to be detected, which is input into the classification model to obtain a detection result.
2
Patent
Method of malicious code family identification based on incremental DBSCAN algorithm
Tang Yong,Yi Wang,Lu Zexin,Yu Xin,Zhang Yi,Yang Qiang,Zhou Xu +6 more
- 10 May 2017
TL;DR: In this paper, a method of malicious code family identification based on the incremental DBSCAN algorithm is proposed. It uses an IDA Python script to extract the features of each sample, transforms the features into feature vectors, and saves the malicious code feature vectors in a database.
1