Multi-granularity Android malware fast  detection based on opcode

ZHANG Xuetao, SUN Meng,WANG Jinshuang

doi:10.11959/j.issn.2096-109x.2019064

网络与信息安全学报 (Dec 2019)

Multi-granularity Android malware fast detection based on opcode

ZHANG Xuetao, SUN Meng,WANG Jinshuang

Affiliations

ZHANG Xuetao, SUN Meng,WANG Jinshuang: Institute of Command Control Engineering, Army Engineering University, Nanjing 210001, China

DOI: https://doi.org/10.11959/j.issn.2096-109x.2019064
Journal volume & issue: Vol. 5, no. 6
pp. 85 – 94

Abstract

Read online

The detection method based on opcode is widely used in Android malware detection, but it still contains some problems such as complex feature extraction method and low efficiency. In order to solve these problems, a multi-granularity fast detection method based on opcode for Android malware was proposed. Multi-granularity refers to the feature based on the bag of words model, and with the function as basic unit to extract features. By step-by-level aggregation feature, the APK multi-level information is obtained. The log length characterizes the scale of the function. And feature can be compressed and mapped to improve the efficiency and construct the corresponding classification model based on the semantic similarity of the Dalvik instruction set. Tests show that the proposed method has obvious advantages in performance and efficiency.

Published in 网络与信息安全学报

ISSN: 2096-109X (Print)
Publisher: POSTS&TELECOM PRESS Co., LTD
Country of publisher: China
LCC subjects: Science: Mathematics: Instruments and machines: Electronic computers. Computer science
Website: http://www.infocomm-journal.com/cjnis/CN/2096-109X/home.shtml

About the journal

Abstract

Keywords