Tanjie Wang, Yueshen Xu, Xinkui Zhao, Zhiping Jiang, Rui Li
{"title":"通过高效的应用程序编程接口调用序列提取和机器学习分类器检测安卓恶意软件","authors":"Tanjie Wang, Yueshen Xu, Xinkui Zhao, Zhiping Jiang, Rui Li","doi":"10.1049/sfw2.12083","DOIUrl":null,"url":null,"abstract":"<p>Malware detection is an important task for the ecosystem of mobile applications (APPs), especially for the Android ecosystem, and is vital to guarantee the user experience of Android APPs. There have been some exiting methods trying to solve the problem of malware detection, but the methods suffer from several defects, such as high time complexity and mediocre accuracy, which seriously decrease the practicability of existing methods. To solve these problems, in this study, we propose a novel Android malware detection framework, where we contribute an efficient Application Programming Interface (API) call sequences extraction algorithm and an investigation of different types of classifiers. In API call sequences extraction, we propose an algorithm for transforming the function call graph from a multigraph into a directed simple graph, which successfully avoids the unnecessary repetitive path searching. We also propose a pruning search, which further reduces the number of paths to be searched. Our algorithm greatly reduces the time complexity. We generate the transition matrix as classification features and investigate three types of machine learning classifiers to complete the malware detection task. The experiments are performed on real-world Android Packages (APKs), and the results demonstrate that our method significantly reduces the running time and produces high detection accuracy.</p>","PeriodicalId":50378,"journal":{"name":"IET Software","volume":"17 4","pages":"348-361"},"PeriodicalIF":1.5000,"publicationDate":"2022-12-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/sfw2.12083","citationCount":"0","resultStr":"{\"title\":\"Android malware detection via efficient application programming interface call sequences extraction and machine learning classifiers\",\"authors\":\"Tanjie Wang, Yueshen Xu, Xinkui Zhao, Zhiping Jiang, Rui Li\",\"doi\":\"10.1049/sfw2.12083\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>Malware detection is an important task for the ecosystem of mobile applications (APPs), especially for the Android ecosystem, and is vital to guarantee the user experience of Android APPs. There have been some exiting methods trying to solve the problem of malware detection, but the methods suffer from several defects, such as high time complexity and mediocre accuracy, which seriously decrease the practicability of existing methods. To solve these problems, in this study, we propose a novel Android malware detection framework, where we contribute an efficient Application Programming Interface (API) call sequences extraction algorithm and an investigation of different types of classifiers. In API call sequences extraction, we propose an algorithm for transforming the function call graph from a multigraph into a directed simple graph, which successfully avoids the unnecessary repetitive path searching. We also propose a pruning search, which further reduces the number of paths to be searched. Our algorithm greatly reduces the time complexity. We generate the transition matrix as classification features and investigate three types of machine learning classifiers to complete the malware detection task. The experiments are performed on real-world Android Packages (APKs), and the results demonstrate that our method significantly reduces the running time and produces high detection accuracy.</p>\",\"PeriodicalId\":50378,\"journal\":{\"name\":\"IET Software\",\"volume\":\"17 4\",\"pages\":\"348-361\"},\"PeriodicalIF\":1.5000,\"publicationDate\":\"2022-12-26\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://onlinelibrary.wiley.com/doi/epdf/10.1049/sfw2.12083\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IET Software\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://onlinelibrary.wiley.com/doi/10.1049/sfw2.12083\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, SOFTWARE ENGINEERING\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Software","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1049/sfw2.12083","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}
Android malware detection via efficient application programming interface call sequences extraction and machine learning classifiers
Malware detection is an important task for the ecosystem of mobile applications (APPs), especially for the Android ecosystem, and is vital to guarantee the user experience of Android APPs. There have been some exiting methods trying to solve the problem of malware detection, but the methods suffer from several defects, such as high time complexity and mediocre accuracy, which seriously decrease the practicability of existing methods. To solve these problems, in this study, we propose a novel Android malware detection framework, where we contribute an efficient Application Programming Interface (API) call sequences extraction algorithm and an investigation of different types of classifiers. In API call sequences extraction, we propose an algorithm for transforming the function call graph from a multigraph into a directed simple graph, which successfully avoids the unnecessary repetitive path searching. We also propose a pruning search, which further reduces the number of paths to be searched. Our algorithm greatly reduces the time complexity. We generate the transition matrix as classification features and investigate three types of machine learning classifiers to complete the malware detection task. The experiments are performed on real-world Android Packages (APKs), and the results demonstrate that our method significantly reduces the running time and produces high detection accuracy.
期刊介绍:
IET Software publishes papers on all aspects of the software lifecycle, including design, development, implementation and maintenance. The focus of the journal is on the methods used to develop and maintain software, and their practical application.
Authors are especially encouraged to submit papers on the following topics, although papers on all aspects of software engineering are welcome:
Software and systems requirements engineering
Formal methods, design methods, practice and experience
Software architecture, aspect and object orientation, reuse and re-engineering
Testing, verification and validation techniques
Software dependability and measurement
Human systems engineering and human-computer interaction
Knowledge engineering; expert and knowledge-based systems, intelligent agents
Information systems engineering
Application of software engineering in industry and commerce
Software engineering technology transfer
Management of software development
Theoretical aspects of software development
Machine learning
Big data and big code
Cloud computing
Current Special Issue. Call for papers:
Knowledge Discovery for Software Development - https://digital-library.theiet.org/files/IET_SEN_CFP_KDSD.pdf
Big Data Analytics for Sustainable Software Development - https://digital-library.theiet.org/files/IET_SEN_CFP_BDASSD.pdf
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
