Journal of Beijing University of Posts and Telecommunications

  • EI核心期刊

JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM ›› 2014, Vol. 37 ›› Issue (3): 58-61,88.doi: 10.13190/j.jbupt.2014.03.012

Previous Articles     Next Articles

A Detection Model of Malware Behaviors on Android

DONG Hang1, LI Qi1, DONG Feng1, PENG Yong1,2, XU Guo-ai1   

  1. 1. Beijing University of Posts and Telecommunications, Beijing 100876, China;
    2. China Information Technology Security Evaluation Center, Beijing 100085, China
  • Received:2013-06-21 Online:2014-06-28 Published:2014-06-28

Abstract:

A detection method was proposed to analyze the malicious behavior on Android, that combines hidden-Markov model (HMM) with support vector machine (SVM) for modeling as well as construct model for behaviors like networking and data accessing. This model takes advantage of both HMM and SVM and overcomes the shortcomings inside, and it is suitable for classification using dynamic behavior sequences. Experiments show that this method can capture the abnormal behaviors with high accuracy rate and lower false positive rate.

Key words: hidden-Markov model, support vector machine, malware, smartphone

CLC Number: