
The Concept of Attack Scenarios and its Applications in Android Malware Detection

Advisor: 王勝德

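Abstract

This thesis proposes the concept of attack scenarios. Attack scenarios are learned and selected from malware and described in terms of Android APIs, thereby representing the characteristics of Android malware. Because attack scenarios are features that produce almost no false positives, they are well suited as a pre-filter for machine learning methods, raising the malware detection rate at low false-positive rates. By pairing the approach with different machine learning methods, we show its effect on improving detection rates. To validate the method, this thesis analyzes 20,914 applications, including 3,145 malicious ones, and experiments with KNN and SVM, two machine learning methods that perform well in static-analysis detection. The experimental results show that the method, paired with different classification methods, effectively increases the malware detection rate; paired with KNN and SVM, it reaches a 95.9% detection rate at a 1% false-positive rate and a 95.9% detection rate at a 0.1% false-positive rate, respectively.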

Parallel Abstract

In this paper, we propose the concept of attack scenarios, learned and selected from a set of malicious applications and described by sets of Android APIs, to characterize Android malware. Because they produce almost no false positives, attack scenarios can be used as a pre-filter for machine-learning-based detectors to enhance detection performance at low false-positive rates. By combining the approach with different machine learning techniques, we demonstrate that it can increase detection rates. To evaluate our approach, we analyze 20,914 Android applications containing 3,145 malicious samples with two different machine learning techniques, KNN and SVM. The experimental results show that the proposed approach can raise the detection rate up to 95.9% of malware at a 1% false-positive rate and 95.9% of malware at a 0.1% false-positive rate, respectively.
