https://scholars.lib.ntu.edu.tw/handle/123456789/118989
Title: | Dynamic Android Malware Detection Using Machine Learning and Big Data Analysis / DroidDolphin: a Dynamic Android Malware Detection Framework Using Big Data and Machine Learning |
Authors: | 吳文傑 Wu, Wen-Chieh |
Keywords: | Android; malware; machine learning; big data; dynamic analysis |
Issue Date: | 2014 |
Abstract (translated from the Chinese): | As smartphones have become widespread, the wide variety of applications available on them has made our lives considerably more convenient, but as the number of applications to choose from grows, malware has risen along with it. These malicious programs often lure users into installing them and, once installed, steal the users' personal data by various means; in more serious cases they send SMS messages and place phone calls without the user's knowledge, causing financial loss. To protect us from the threat of malware, a method that detects malware effectively is necessary. In this thesis we propose DroidDolphin, which combines dynamic analysis with the concepts of big data and machine learning to realize a framework for detecting malware on Android smartphones. Using 16,000 benign applications and 16,000 malicious applications, it reaches a prediction accuracy of 84.1%, and we show that using more applications, or repeating the dynamic analysis, raises the prediction accuracy further. |
Abstract (English): | Smartphones are becoming more and more popular, with various kinds of applications that make our lives more convenient. Unfortunately, as the number of applications grows, malicious applications, also known as malware, have arisen as well. Users are often tempted into installing this malware without any awareness, and the malware steals the users’ personal information. Some malware sends SMS messages or makes phone calls, which results in additional charges. Thus, detection of malware is critical to protecting smartphone users. In this thesis, we propose DroidDolphin, a dynamic malware analysis framework which leverages GUI-based testing, big data analysis and machine learning to detect malicious Android applications. Based on our automatic testing tool, we were able to collect a dataset of 32,000 benign and 32,000 malicious applications so far. Our preliminary results show that the prediction accuracy reaches 86.1% and the F-score reaches 0.857. As the dataset grows, the accuracy of detection increases significantly, which makes this methodology promising. |
URI: | http://ntur.lib.ntu.edu.tw//handle/246246/261558 |
Rights: | Thesis public release date: 2014/08/01. Thesis usage permission: paid licensing agreed (royalties returned to the school) |
Appears in Collections: | Department of Computer Science and Information Engineering |
File | Description | Size | Format |
---|---|---|---|
ntu-103-R01922003-1.pdf | | 23.32 kB | Adobe PDF |