Android Malware Detection Method Based on Behavior Pattern
Most Android malware detection methods based on API (application programming interface) call sequences use N-gram and Markov chain to construct application behavior features. However, the feature sequences constructed by such approaches are of limited length and contain the call sequences unrelated...
Saved in:
Published in | Jisuanji kexue yu tansuo Vol. 16; no. 8; pp. 1792 - 1799 |
---|---|
Main Author | |
Format | Journal Article |
Language | Chinese |
Published |
Journal of Computer Engineering and Applications Beijing Co., Ltd., Science Press
01.08.2022
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | Most Android malware detection methods based on API (application programming interface) call sequences use N-gram and Markov chain to construct application behavior features. However, the feature sequences constructed by such approaches are of limited length and contain the call sequences unrelated to the malicious behavior, resulting in low detection accuracy. This paper proposes a method of detecting Android malware based on behavior pattern. Firstly, the longest sensitive API call sequence is extracted by call sequence reduction and call sequence merging. Then, the weighted support is defined, and an improved sequence pattern mining algorithm is proposed to mine sequence patterns with high discrimination from different categories of samples as classification features. Finally, different machine learning algorithms are used to construct classifier to detect malware. Experimental results show that the precision of the proposed method in Android malicious code detection reaches 96.11%, which is higher than th |
---|---|
ISSN: | 1673-9418 |
DOI: | 10.3778/j.issn.1673-9418.2102048 |