面向Android二进制代码的缺陷预测方法

doi:10.13190/j.jbupt.2017-243

北京邮电大学学报 ›› 2018, Vol. 41 ›› Issue (1): 13-23.doi: 10.13190/j.jbupt.2017-243

面向Android二进制代码的缺陷预测方法

董枫, 刘天铭, 徐国爱, 郭燕慧, 李承泽

北京邮电大学网络空间安全学院, 北京 100876

收稿日期:2017-11-30 出版日期:2018-02-28 发布日期:2018-01-04
作者简介:董枫(1990-),男,博士生,E-mail:dongfeng@bupt.edu.cn;徐国爱(1972-),男,教授,博士生导师.
基金资助:
国家自然科学基金项目（61401038）；2016广东省科学技术厅前沿与关键技术创新项目（2016B010110002）

Defect Prediction Method for Android Binary Files

DONG Feng, LIU Tian-ming, XU Guo-ai, GUO Yan-hui, LI Cheng-ze

School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China

Received:2017-11-30 Online:2018-02-28 Published:2018-01-04

摘要/Abstract

摘要： 针对Android软件缺陷预测任务中源代码难以获取的问题，提出一种面向Android二进制可执行文件的缺陷预测模型，同时采用深度神经网络进行缺陷预测.首先，通过一种创新的Android可执行文件缺陷特征提取方法，提取其符号特征和语义特征来构建缺陷特征向量；其次，用缺陷特征向量输入深度神经网络算法来训练和构建缺陷预测模型；最后，将工具原型DefectDroid应用于大规模smali文件缺陷预测任务中，在同项目缺陷预测、跨项目缺陷预测、传统机器学习算法等方面对模型进行性能评估.

关键词: 缺陷预测, 软件安全, Android二进制文件, 机器学习, 深度神经网络

Abstract: Software defect prediction is an important method in the field of software security. Most of existing defect prediction models are source-oriented and can not be easily used for Android binary files (apks) defect prediction. Moreover, the traditional machine learning techniques used in these models have a shallow architecture, which leads to a limited capacity of expressing complex functions between features and defects. The author proposes a practical defect prediction model for Android binary files using deep neural network (DNN). A new approach is proposed to generate features that capture both token and semantic features of the defective smali (decompiled files of apks) files in apks. The feature vectors are input into DNN to train and build the defect prediction model in order to achieve accuracy. The article implements the model called DefectDroid and applies it to a large number of Android smali files. The performance of DefectDroid is compared from three aspects:within-project defect prediction, cross-project defect prediction and traditional machine learning algorithms.

Key words: defect prediction, software security, Android binary files, machine learning, deep neural network

中图分类号:

TP311.5

董枫, 刘天铭, 徐国爱, 郭燕慧, 李承泽. 面向Android二进制代码的缺陷预测方法[J]. 北京邮电大学学报, 2018, 41(1): 13-23.

DONG Feng, LIU Tian-ming, XU Guo-ai, GUO Yan-hui, LI Cheng-ze. Defect Prediction Method for Android Binary Files[J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2018, 41(1): 13-23.

参考文献

[1] Prasad M C, Florence L, Arya A. A study on software metrics based software defect prediction using data mining and machine learning techniques[J]. International Journal of Database Theory and Application, 2015, 8(3):179-190.
[2] Scandariato R, Walden J, Hovsepyan A, et al. Predicting vulnerable software components via text mining[J]. IEEE Transactions on Software Engineering, 2014, 40(10):993-1006.
[3] Wang S, Liu T, Tan L. Automatically learning semantic features for defect prediction[C]//Proceedings of the 38^th International Conference on Software Engineering. Austin:ACM, 2016:297-308.
[4] Nguyen V H, Le M S T. Predicting vulnerable software components with dependency graphs[C]//International Workshop on Security Measurements and Metrics.[S.l.]:ACM, 2010:3.
[5] Malhotra R. An empirical framework for defect prediction using machine learning techniques with Android software[J]. Applied Soft Computing, 2016, 40(10):993-1006.
[6] Liu H, Motoda H. Feature selection for knowledge discovery and data mining[M].[S.l.]:Kluwer Academic Publishers, 1998:1-10.
[7] Lessmann S, Baesens B, Mues C. Benchmarking classification models for software defect prediction:a proposed framework and novel findings[J]. IEEE Transactions on Software Engineering, 2008, 34(4):485-496.
[8] Giger E, D'Ambros M, Pinzger M, et al. Method-level bug prediction[C]//Acm-IEEE International Symposium on Empirical Software Engineering and Measurement.[S. l.]:IEEE, 2013:171-180.
[9] 陈翔, 顾庆, 刘望舒, 等. 静态软件缺陷预测方法研究[J]. 软件学报, 2016, 27(1):1-25. Chen Xiang, Gu Qing, Liu Wangshu, et al. Survey of static software defect prediction[J]. Ruan Jian Xue Bao/Journal of Software, 2016, 27(1):1-25.
[10] Zhang F, Zheng Q, Zou Y, et al. Cross-project defect prediction using a connectivity-based unsupervised classifier[C]//Proceedings of the 38^th International Conference on Software Engineering. Austin:ACM, 2016:309-320.
[11] Perl H, Dechand S, Smith M. VCCFinder:finding potential vulnerabilities in open-source projects to assist code audits[C]//ACM Sigsac Conference on Computer and Communications Security (CCS'15). Denver:ACM, 2015:426-437.
[12] Lecun Y, Bengio Y, Hinton G. Deep learning[J]. Nature, 2015, 521(7553):436-444.
[13] Jerome Q, Allix K, State R. Using opcode-sequences to detect malicious Android applications[C]//IEEE International Conference on Communications.[S.l.]:IEEE, 2014:914-919.
[14] Mclaughlin N, Jesus M D R, Kang B J, et al. Deep android malware detection[C]//ACM on Conference on Data and Application Security and Privacy.[S.l.]:ACM, 2017:301-308.
[15] Bengio Y. Learning deep architectures for AI[J]. Foundations & Trends^® in Machine Learning, 2009, 2(1):1-127.
[16] Dong F. DefectDroid[EB/OL]. (2017-10-01)[2017-11-05]. https://github.com/breezedong/DefectDroid.git
[17] Tantithamthavorn C, Mcintosh S, Hassan A E. Automated parameter optimization of classification techniques for defect prediction models[C]//International Conference on Software Engineering (ICSE'16). Austin:ACM, 2016:321-332.
[18] 杨朝红, 宫云战, 肖庆, 等. 基于软件缺陷模型的测试系统[J]. 北京邮电大学学报, 2008, 31(5):1-4. Yang Zhaohong, Gong Yunzhan, Xiao Qing, et al. A defect model based testing system[J]. Journal of Beijing University of Posts and Telecommunications, 2008, 31(5):1-4.

面向Android二进制代码的缺陷预测方法

Defect Prediction Method for Android Binary Files

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

本文评价

[1]	常霄, 黄智濒, 禹旻, 杨武兵. 一种适用于航天大数据的深度决策树算法[J]. 北京邮电大学学报, 2023, 46(3): 1-6.
[2]	王延凯龙华邵玉斌杜庆治王瑶. 基于融合特征MGCC的语种识别方法[J]. 北京邮电大学学报, 2023, 46(2): 116-121.
[3]	欧阳莫微, 康桂霞, 王开亮, 王亚明. 一种放射组学分析的海马硬化自动诊断方法[J]. 北京邮电大学学报, 2022, 45(4): 51-57.
[4]	牟晓惠, 李丽香. Dropout回声状态网络的网络流量预测[J]. 北京邮电大学学报, 2021, 44(5): 10-13,20.
[5]	汤永利, 李星宇, 赵宗渠, 李运峰. 面向Android支付破解应用的检测方法[J]. 北京邮电大学学报, 2021, 44(4): 95-101.
[6]	彭雨荷, 陈翔, 陈双武, 杨坚. 基于迁移学习的跨域异常流量检测[J]. 北京邮电大学学报, 2021, 44(2): 33-39.
[7]	吕兴凤, 李金宝. 一种利用随机森林方法检测睡眠呼吸暂停的研究[J]. 北京邮电大学学报, 2020, 43(5): 64-70.
[8]	张德干, 陈露, 陈晨, 张婷, 崔玉亚. 一种面向边缘计算节点能量优化的QoS约束路由算法[J]. 北京邮电大学学报, 2020, 43(4): 101-105.
[9]	周怡琳, 杨璐, 鲁文睿. 尘土颗粒影响下电路板电化学迁移失效寿命建模探索[J]. 北京邮电大学学报, 2020, 43(3): 11-18,31.
[10]	张国栋, 应欢, 杨寿国, 石志强, 李霁远. 嵌入式固件脆弱哈希函数自动识别与破解方法[J]. 北京邮电大学学报, 2020, 43(1): 46-53.
[11]	余凯祥, 陈振豪, 张四海. 一种多变量制造过程中的关键变量检测算法[J]. 北京邮电大学学报, 2019, 42(6): 98-104.
[12]	罗涛, 李剑峰, 韩家辉, 王艺宁, 雷璐. 一种基于多模态特征融合的骨质疏松评估方法[J]. 北京邮电大学学报, 2019, 42(6): 84-90.
[13]	韩兴, 刘晓平, 王刚, 韩松. 基于深度神经网络复杂场景下的机器人拣选方法[J]. 北京邮电大学学报, 2019, 42(5): 22-28.
[14]	孟浩, 霍如, 郭倩影, 黄韬, 刘韵洁. 基于机器学习的MEC随机任务迁移算法[J]. 北京邮电大学学报, 2019, 42(2): 25-30.
[15]	崔鸿雁, 徐帅, 张利锋, Roy E. Welsch, Berthold K. P. Horn. 机器学习中的特征选择方法研究及展望[J]. 北京邮电大学学报, 2018, 41(1): 1-12.