DC 欄位 | 值 | 語言 |
dc.contributor | 指導教授:洪士灝 | - |
dc.contributor | 臺灣大學:資訊工程學研究所 | zh_TW |
dc.contributor.author | 吳文傑 | zh_TW |
dc.contributor.author | Wu, Wen-Chieh | en |
dc.creator | 吳文傑 | zh_TW |
dc.creator | Wu, Wen-Chieh | en |
dc.date | 2014 | - |
dc.date.accessioned | 2014-11-26T01:00:00Z | - |
dc.date.accessioned | 2018-07-05T02:14:49Z | - |
dc.date.available | 2014-11-26T01:00:00Z | - |
dc.date.available | 2018-07-05T02:14:49Z | - |
dc.date.issued | 2014 | - |
dc.identifier.uri | http://ntur.lib.ntu.edu.tw//handle/246246/261558 | - |
dc.description.abstract | 隨著智慧型手機普及,手機上琳瑯滿目的應用程式讓我們的生活變得相當方便,但隨著能選擇的應用程式愈來愈多,惡意程式也隨之堀起了。這些惡意程式常常引誘使用者進行安裝,並在安裝後以各種手法偷取使用者的個人資料,更嚴重者甚至會在使用者不知情的情況下發送簡訊及播打電話,造成金錢上的損失,為了讓我們免於惡意程式的威脅,一個有效偵測出惡意程式的方法是必需的。
本論文中我們提出DroidDolphin,它以動態分析的方式加上巨量資料及機器學習的觀念,實現在Android智慧型手機上偵測惡意程式的架構,在使用16,000個非惡意程式及16,000個惡意程式下,達到84.1%的預測準確度,並證明在使用更多的程式或者重覆進行動態分析的情況下,能夠使預測準確度更加提升。 | zh_TW |
dc.description.abstract | Smartphones are getting more and more popular nowadays with various kinds of applications to make our lives more convenient. Unfortunately, as there are more and more applications, the malicious applications, also known as malware, arises as well. The users often tempted into install these malware without any awareness, and the malware steals the users’ personal information. Some malware would send SMS or make phone calls, which result in additional charges. Thus, detection of malware is critical to protect smartphone users.
In this thesis, we proposed DroidDolphin, a dynamic malware analysis framework which leverages the technologies of GUI-based testing, big data analysis and machine learning to detect malicious Android applications. Based on our automatic testing tool, we were able to collect a dataset with 32,000 benign and 32,000 malicious applications so far. Our preliminary results showed that the prediction accuracy reaches 86.1% and F-score reaches 0.857. As the dataset increases, the accuracy of detection increases significantly, which makes this methodology promising. | en |
dc.description.tableofcontents | 誌謝 i
中文摘要 ii
ABSTRACT iii
CONTENTS iv
LIST OF FIGURES vii
LIST OF TABLES viii
Chapter 1 Introduction 1
1.1 Background and Motivation 1
1.2 An Overview of the Android Malware Growth 1
1.3 An Overview of the Machine Learning 2
1.4 An Overview of the Big Data Analysis 3
1.4.1 MORE 3
1.4.2 MESSY 3
1.4.3 CORRELATION 3
1.5 Contribution 4
1.6 Thesis Organization 5
Chapter 2 Related Work 6
2.1 Static Analysis 6
2.1.1 Kirin 6
2.1.2 Androguard 7
2.1.3 RiskRanker 7
2.1.4 DroidMat 8
2.1.5 DREBIN 9
2.2 Dynamic Analysis 10
2.2.1 Andromaly 10
2.2.2 TaintDroid 11
2.2.3 DroidBox 12
2.2.4 DroidScope 12
2.2.5 Crowdroid 13
2.3 Issues 14
Chapter 3 Methodology 16
3.1 First Phase: Preprocessing 17
3.2 Second Phase: Emulation 18
3.3 Third Phase: Feature Extraction 19
3.4 Fourth Phase: Machine Learning 21
Chapter 4 Evaluation 22
4.1 Experimental Setup 22
4.2 Dataset 22
4.3 Evaluation Metrics 23
4.4 Result 24
4.4.1 Ratio 24
4.4.2 Quantity 28
4.4.3 Re-log 32
4.5 Comparison 34
Chapter 5 Limitations 37
Chapter 6 Conclusions 39
REFERENCE 40 | zh_TW |
dc.format.extent | 1172760 bytes | - |
dc.format.mimetype | application/pdf | - |
dc.language | en_US | - |
dc.rights | 論文公開時間:2014/08/01 | - |
dc.rights | 論文使用權限:同意有償授權(權利金給回饋學校) | - |
dc.subject | Android | zh_TW |
dc.subject | 惡意程式 | zh_TW |
dc.subject | 機器學習 | zh_TW |
dc.subject | 巨量資料 | zh_TW |
dc.subject | 動態分析 | zh_TW |
dc.title | 運用機器學習及巨量資料分析實現Android惡意程式動態偵測 | zh_TW |
dc.title | DroidDolphin: a Dynamic Android Malware Detection Framework Using Big Data and Machine Learning | en |
dc.type | thesis | en |
dc.identifier.uri.fulltext | http://ntur.lib.ntu.edu.tw/bitstream/246246/261558/1/ntu-103-R01922003-1.pdf | - |
item.cerifentitytype | Publications | - |
item.grantfulltext | open | - |
item.fulltext | with fulltext | - |
item.openairecristype | http://purl.org/coar/resource_type/c_46ec | - |
item.openairetype | thesis | - |
顯示於: | 資訊工程學系
|