Nowadays, Android applications declare as many permissions as possible to provide more function for the users, which also poses severe security threat to them. Although many Android malware detection methods based on permissions have been developed, they are ineffective when malicious applications declare few dangerous permissions or when the dangerous permissions declared by malicious applications are similar with those declared by benign applications. This limitation is attributed to the use of too few information for classification. We propose a new method named fine-grained dangerous permission (FDP) method for detecting Android malicious applications, which gathers features that better represent the difference between malicious applications and benign applications. Among these features, the fine-grained feature of dangerous permissions applied in components is proposed for the first time. We evaluate 1700 benign applications and 1600 malicious applications and demonstrate that FDP achieves a TP rate of 94.5%. Furthermore, compared with other related detection approaches, FDP can detect more malware families and only requires 15.205 s to analyze one application on average, which demonstrates its applicability for practical implementation.
With the development of social network, group emotion analysis on social media such as Facebook, Twitter and Weibo becomes a new trend in recent years. Many different methods have been proposed for group emotion analysis, including traditional methods like SVM and NB and deep learning methods like RNN and CNN. This paper proposes a CNN model with multi-features. We first analyze the characteristic of weibos to collect features including basic features, user-based features and content-based features. We introduce these features to our CNN model to analyze emotions for Weibo events, which has been proved in experiment that it is effective to get the accurate sentiment of weibos. We crawl 5,319,687 weibos about 724 events from Sina Weibo and apply several feature matrices to classify them to 4 types. We use the new model to analyze 4 kinds of events to get the group emotion. The results suggest that the classification we suggested can capture the emotions within different event group.
Nowadays, Android malicious applications are rampant, and information security is facing serious challenges. To prevent being decompiled, Android malicious applications often use software packers to protect themselves. After decompilation, the only available file is the AndroidManifest.xml file. Therefore, when detecting shell applications, the researchers can only rely on the features provided by the AndroidManifest.xml file, including permissions and intent filters. How to select effective features from the AndroidManifest.xml file is the key to detect Android malicious applications. This paper proposes the feature selection method for Android malware detection based on AndroidManifest.xml.
More and more Android application developers are adopting many different methods against reverse engineering, such as adding a shell, resulting in certain features that cannot be obtained through decompilation, which causes a serious sample imbalance in Android malware detection based on machine learning. Hence, the researchers have focused on how to solve class-imbalance to improve the performance of Android malware detection. However, the disadvantages of the existing class-imbalance learning are mainly the loss of valuable samples and the computational cost. In this paper, we propose a method of Class-Imbalance Learning (CIL), which first selects representative features, uses the clustering K-Means algorithm and under-sampling to retain the important samples of the majority class while reducing the number of samples of the majority class. After that, we use the Synthetic Minority Over-Sampling Technique (SMOTE) algorithm to generate minority class samples for data balance, and finally use the Random Forest (RF) algorithm to build a malware detection model. The result of experiments indicates that CIL effectively improves the performance of Android malware detection based on machine learning, especially for class imbalance. Compared with existing class-imbalance learning methods, CIL is also effective for the Machine Learning Repository from the University of California, Irvine (UCI) and has better performance in some data sets.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.