透過您的圖書館登入 IP:52.14.253.170
透過您的圖書館登入
IP:52.14.253.170
  • 精確檢索 : 冠狀病毒
  • 模糊檢索 : 冠狀病毒
  • 冠狀病毒感染
    冠狀病毒疾病
  • 查詢出版品: 冠狀病毒
進階查詢
查詢歷史
主題瀏覽
  • 學位論文

運用機器學習及巨量資料分析實現Android惡意程式動態偵測

DroidDolphin: a Dynamic Android Malware Detection Framework Using Big Data and Machine Learning

吳文傑(Wen-Chieh Wu)
指導教授 : 洪士灝
國立臺灣大學/電機資訊學院/資訊工程學研究所/碩士(2014年)
https://doi.org/10.6342/NTU.2014.03127
全文下載

摘要

隨著智慧型手機普及,手機上琳瑯滿目的應用程式讓我們的生活變得相當方便,但隨著能選擇的應用程式愈來愈多,惡意程式也隨之堀起了。這些惡意程式常常引誘使用者進行安裝,並在安裝後以各種手法偷取使用者的個人資料,更嚴重者甚至會在使用者不知情的情況下發送簡訊及播打電話,造成金錢上的損失,為了讓我們免於惡意程式的威脅,一個有效偵測出惡意程式的方法是必需的。 本論文中我們提出DroidDolphin,它以動態分析的方式加上巨量資料及機器學習的觀念,實現在Android智慧型手機上偵測惡意程式的架構,在使用16,000個非惡意程式及16,000個惡意程式下,達到84.1%的預測準確度,並證明在使用更多的程式或者重覆進行動態分析的情況下,能夠使預測準確度更加提升。

關鍵字

Android 惡意程式 機器學習 巨量資料 動態分析

並列摘要

Smartphones are getting more and more popular nowadays with various kinds of applications to make our lives more convenient. Unfortunately, as there are more and more applications, the malicious applications, also known as malware, arises as well. The users often tempted into install these malware without any awareness, and the malware steals the users’ personal information. Some malware would send SMS or make phone calls, which result in additional charges. Thus, detection of malware is critical to protect smartphone users. In this thesis, we proposed DroidDolphin, a dynamic malware analysis framework which leverages the technologies of GUI-based testing, big data analysis and machine learning to detect malicious Android applications. Based on our automatic testing tool, we were able to collect a dataset with 32,000 benign and 32,000 malicious applications so far. Our preliminary results showed that the prediction accuracy reaches 86.1% and F-score reaches 0.857. As the dataset increases, the accuracy of detection increases significantly, which makes this methodology promising.

並列關鍵字

Android malware machine learning big data analysis dynamic analysis

參考文獻

[6] Viktor Mayer-Schonberger and Kenneth Cukier “Big Data: A Revolution That Will Tranform How We Live, Work, and Think”, 2013
[9] Droidbox: An android application sandbox for dynamic analysis, 2013
[12] William Enck, Peter Gilbert, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol N. Sheth. 2010. TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In Proceedings of the 9th USENIX conference on Operating systems design and implementation (OSDI'10). USENIX Association, Berkeley, CA, USA, 1-6.
[14] Androguard: Reverse engineering, malware and goodware analysis of android application and more, 2012.
[15] Michael Grace, Yajin Zhou, Qiang Zhang, Shihong Zou, and Xuxian Jiang. 2012. RiskRanker: scalable and accurate zero-day android malware detection. In Proceedings of the 10th international conference on Mobile systems, applications, and services (MobiSys '12). ACM, New York, NY, USA, 281-294.

延伸閱讀

全文下載