Defect Prediction Method for Android Binary Files

doi:10.13190/j.jbupt.2017-243

JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM ›› 2018, Vol. 41 ›› Issue (1): 13-23.doi: 10.13190/j.jbupt.2017-243

• Papers • Previous Articles Next Articles

Defect Prediction Method for Android Binary Files

DONG Feng, LIU Tian-ming, XU Guo-ai, GUO Yan-hui, LI Cheng-ze

School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China

Received:2017-11-30 Online:2018-02-28 Published:2018-01-04

Abstract

Abstract: Software defect prediction is an important method in the field of software security. Most of existing defect prediction models are source-oriented and can not be easily used for Android binary files (apks) defect prediction. Moreover, the traditional machine learning techniques used in these models have a shallow architecture, which leads to a limited capacity of expressing complex functions between features and defects. The author proposes a practical defect prediction model for Android binary files using deep neural network (DNN). A new approach is proposed to generate features that capture both token and semantic features of the defective smali (decompiled files of apks) files in apks. The feature vectors are input into DNN to train and build the defect prediction model in order to achieve accuracy. The article implements the model called DefectDroid and applies it to a large number of Android smali files. The performance of DefectDroid is compared from three aspects:within-project defect prediction, cross-project defect prediction and traditional machine learning algorithms.

Key words: defect prediction, software security, Android binary files, machine learning, deep neural network

CLC Number:

TP311.5

DONG Feng, LIU Tian-ming, XU Guo-ai, GUO Yan-hui, LI Cheng-ze. Defect Prediction Method for Android Binary Files[J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2018, 41(1): 13-23.

References

[1] Prasad M C, Florence L, Arya A. A study on software metrics based software defect prediction using data mining and machine learning techniques[J]. International Journal of Database Theory and Application, 2015, 8(3):179-190.
[2] Scandariato R, Walden J, Hovsepyan A, et al. Predicting vulnerable software components via text mining[J]. IEEE Transactions on Software Engineering, 2014, 40(10):993-1006.
[3] Wang S, Liu T, Tan L. Automatically learning semantic features for defect prediction[C]//Proceedings of the 38^th International Conference on Software Engineering. Austin:ACM, 2016:297-308.
[4] Nguyen V H, Le M S T. Predicting vulnerable software components with dependency graphs[C]//International Workshop on Security Measurements and Metrics.[S.l.]:ACM, 2010:3.
[5] Malhotra R. An empirical framework for defect prediction using machine learning techniques with Android software[J]. Applied Soft Computing, 2016, 40(10):993-1006.
[6] Liu H, Motoda H. Feature selection for knowledge discovery and data mining[M].[S.l.]:Kluwer Academic Publishers, 1998:1-10.
[7] Lessmann S, Baesens B, Mues C. Benchmarking classification models for software defect prediction:a proposed framework and novel findings[J]. IEEE Transactions on Software Engineering, 2008, 34(4):485-496.
[8] Giger E, D'Ambros M, Pinzger M, et al. Method-level bug prediction[C]//Acm-IEEE International Symposium on Empirical Software Engineering and Measurement.[S. l.]:IEEE, 2013:171-180.
[9] 陈翔, 顾庆, 刘望舒, 等. 静态软件缺陷预测方法研究[J]. 软件学报, 2016, 27(1):1-25. Chen Xiang, Gu Qing, Liu Wangshu, et al. Survey of static software defect prediction[J]. Ruan Jian Xue Bao/Journal of Software, 2016, 27(1):1-25.
[10] Zhang F, Zheng Q, Zou Y, et al. Cross-project defect prediction using a connectivity-based unsupervised classifier[C]//Proceedings of the 38^th International Conference on Software Engineering. Austin:ACM, 2016:309-320.
[11] Perl H, Dechand S, Smith M. VCCFinder:finding potential vulnerabilities in open-source projects to assist code audits[C]//ACM Sigsac Conference on Computer and Communications Security (CCS'15). Denver:ACM, 2015:426-437.
[12] Lecun Y, Bengio Y, Hinton G. Deep learning[J]. Nature, 2015, 521(7553):436-444.
[13] Jerome Q, Allix K, State R. Using opcode-sequences to detect malicious Android applications[C]//IEEE International Conference on Communications.[S.l.]:IEEE, 2014:914-919.
[14] Mclaughlin N, Jesus M D R, Kang B J, et al. Deep android malware detection[C]//ACM on Conference on Data and Application Security and Privacy.[S.l.]:ACM, 2017:301-308.
[15] Bengio Y. Learning deep architectures for AI[J]. Foundations & Trends^® in Machine Learning, 2009, 2(1):1-127.
[16] Dong F. DefectDroid[EB/OL]. (2017-10-01)[2017-11-05]. https://github.com/breezedong/DefectDroid.git
[17] Tantithamthavorn C, Mcintosh S, Hassan A E. Automated parameter optimization of classification techniques for defect prediction models[C]//International Conference on Software Engineering (ICSE'16). Austin:ACM, 2016:321-332.
[18] 杨朝红, 宫云战, 肖庆, 等. 基于软件缺陷模型的测试系统[J]. 北京邮电大学学报, 2008, 31(5):1-4. Yang Zhaohong, Gong Yunzhan, Xiao Qing, et al. A defect model based testing system[J]. Journal of Beijing University of Posts and Telecommunications, 2008, 31(5):1-4.

Defect Prediction Method for Android Binary Files

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments

[1]	CHANG Xiao, HUANG Zhibin, YU Min, YANG Wubing. A Deep Decision Tree Model for Aerospace Big Data [J]. Journal of Beijing University of Posts and Telecommunications, 2023, 46(3): 1-6.
[2]	OUYANG Mowei, KANG Guixia, WANG Kailiang, WANG Yaming. Automated Hippocampal Sclerosis Detection Method with Radiomics Analysis [J]. Journal of Beijing University of Posts and Telecommunications, 2022, 45(4): 51-57.
[3]	MU Xiao-hui, LI Li-xiang. Network Traffic Prediction of Dropout Echo State Network [J]. Journal of Beijing University of Posts and Telecommunications, 2021, 44(5): 10-13,20.
[4]	TANG Yong-li, LI Xing-yu, ZHAO Zong-qu, LI Yun-feng. Detection Method for Android Payment Cracked Application [J]. Journal of Beijing University of Posts and Telecommunications, 2021, 44(4): 95-101.
[5]	PENG Yu-he, CHEN Xiang, CHEN Shuang-wu, YANG Jian. Cross-Domain Abnormal Traffic Detection Based on Transfer Learning [J]. Journal of Beijing University of Posts and Telecommunications, 2021, 44(2): 33-39.
[6]	Lü Xing-feng, LI Jin-bao. A Method of Detecting Sleep Apnea Using Random Forest [J]. Journal of Beijing University of Posts and Telecommunications, 2020, 43(5): 64-70.
[7]	ZHANG De-gan, CHEN Lu, CHEN Chen, ZHANG Ting, CUI Yu-ya. A New Algorithm of QoS Constrained Routing for Node Energy Optimization of Edge Computing [J]. Journal of Beijing University of Posts and Telecommunications, 2020, 43(4): 101-105.
[8]	ZHOU Yi-lin, YANG Lu, LU Wen-rui. Exploring the Life Modeling Methods for Electrochemical Migration Failure of Printed Circuit Board under Dust Particles [J]. Journal of Beijing University of Posts and Telecommunications, 2020, 43(3): 11-18,31.
[9]	ZHANG Guo-dong, YING Huan, YANG Shou-guo, SHI Zhi-qiang, LI Ji-yuan. Automatic Identification and Cracking Method for Vulnerable Hash Functions of Embedded Firmwares [J]. Journal of Beijing University of Posts and Telecommunications, 2020, 43(1): 46-53.
[10]	YU Kai-xiang, CHEN Zhen-hao, ZHANG Si-hai. A Key Variable Detection Algorithm in Multivariate Manufacturing Process [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2019, 42(6): 98-104.
[11]	LUO Tao, LI Jian-feng, HAN Jia-hui, WANG Yi-ning, LEI Lu. Osteoporosis Evaluation Method Based on Multimodal Feature Fusion [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2019, 42(6): 84-90.
[12]	HAN Xing, LIU Xiao-ping, WANG Gang, HAN Song. Robotic Sorting Method in Complex Scene Based on Deep Neural Network [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2019, 42(5): 22-28.
[13]	MENG Hao, HUO Ru, GUO Qian-ying, HUANG Tao, LIU Yun-jie. Machine Learning-Based Stochastic Task Offloading Algorithm in Mobile-Edge Computing [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2019, 42(2): 25-30.
[14]	CUI Hong-yan, XU Shuai, ZHANG Li-feng, Roy E. Welsch, Berthold K. P. Horn. The Key Techniques and Future Vision of Feature Selection in Machine Learning [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2018, 41(1): 1-12.
[15]	. A Traceback Approach with Probabilistic Packet Marking IP Based on Cooperations [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2012, 35(1): 51-54.