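Graduate student: 陳嘉宜
Graduate student (English name): Chia-Yi Chen
Thesis title (Chinese): 以即時動態訊息監控結合靜態特徵進行Android惡意程式分析
Thesis title (English): Study of Android Malware Analysis based on Real-time Dynamic Monitoring and Static Features
Advisor: 王智弘
Advisor (English name): Chih-Hung Wang
Degree: Master's
Institution: National Chiayi University (國立嘉義大學)
Department: Graduate Institute, Department of Computer Science and Information Engineering
Discipline: Engineering
Field: Electrical Engineering and Computer Science
Thesis type: Academic thesis
Year of publication: 2018
Academic year of graduation: 106
Language: English
Number of pages: 41
Keywords (Chinese, translated): smartphone security; malware detection; dynamic analysis; static analysis; machine learning
Keywords (English): Smartphone Security; Malware Detection; Dynamic Analysis; Static Analysis; Machine Learning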
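Today's smartphones offer a wide range of powerful functions and have become inseparable from modern life. Android accounts for a very large share of smartphones, and its popularity stems mainly from its openness: users can easily install all kinds of unverified applications to meet their customization needs. This same openness, however, lets malware steal user data, exposing users to privacy and data-leakage threats.
In this thesis, we propose an Android malware analysis system based on a machine learning model that combines real-time dynamic monitoring with static features. The two kinds of analysis yield the attribute features of an application, which are then fed to machine learning algorithms. The classification result determines whether the application under test is malware.
The dynamic analysis uses Taintdroid for real-time data collection and analysis, together with an automated behavior-trigger program that brings the experiment closer to how a user actually operates the device. The method combines the dynamic and static analysis data for machine learning in order to classify applications. The experimental results show that this approach achieves quite good detection performance.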
Nowadays, smartphones offer many functions, and people rely on them in daily life. Android is the most popular smartphone system, with a large number of users. Because the Android system allows flexible file control, users can easily install apps from unverified sources, but malware can also threaten users this way.
In this thesis, we present an Android malware analysis system. The system is based on machine learning and uses the results of dynamic monitoring and static analysis as features. From the machine learning results, we can determine whether an application is malware.
For dynamic analysis, we collect dynamic messages in real time based on Taintdroid. We use an automatic behavior trigger that brings our experiment closer to the user's actual situation. Combining the dynamic and static analysis data sets, we apply machine learning for classification. The results show that our system can distinguish malware from apps with a high accuracy rate.
CONTENTS
LIST OF FIGURES
LIST OF TABLES
Chapter 1. Introduction
1.1 Overview
1.2 Motivation
1.3 Contribution
1.4 Organization
Chapter 2. Background
2.1 The Android System
2.2 Static Analysis
2.3 Dynamic Analysis
2.4 Hybrid Analysis
Chapter 3. Feature Extraction and Used Tools
3.1 Android Permission
3.2 Features
3.2.1 Static Feature
3.2.2 Dynamic Feature
3.3 Used Tools
3.3.1 Robotium
3.3.2 Android Asset Packaging Tool (aapt)
3.3.3 Another Neat Tool (ANT)
3.3.4 Jarsigner and Zipalign
Chapter 4. Malware Analysis System Structure
4.1 System Architecture
4.2 Feature Data Collection
4.2.1 Static Analysis
4.2.2 Dynamic Analysis
4.2.3 Automatic Behavior Trigger
4.3 Feature Combination and Matrix Generation
4.4 Machine Learning
Chapter 5. Experiment
5.1 Environment
5.2 Data set
5.3 Classification Results
5.4 Comparison
Chapter 6. Conclusions
Reference