• 文献检索
  • 文档翻译
  • 深度研究
  • 学术资讯
  • Suppr Zotero 插件Zotero 插件
  • 邀请有礼
  • 套餐&价格
  • 历史记录
应用&插件
Suppr Zotero 插件Zotero 插件浏览器插件Mac 客户端Windows 客户端微信小程序
定价
高级版会员购买积分包购买API积分包
服务
文献检索文档翻译深度研究API 文档MCP 服务
关于我们
关于 Suppr公司介绍联系我们用户协议隐私条款
关注我们

Suppr 超能文献

核心技术专利:CN118964589B侵权必究
粤ICP备2023148730 号-1Suppr @ 2026

文献检索

告别复杂PubMed语法,用中文像聊天一样搜索,搜遍4000万医学文献。AI智能推荐,让科研检索更轻松。

立即免费搜索

文件翻译

保留排版,准确专业,支持PDF/Word/PPT等文件格式,支持 12+语言互译。

免费翻译文档

深度研究

AI帮你快速写综述,25分钟生成高质量综述,智能提取关键信息,辅助科研写作。

立即免费体验

PermQRDroid:基于有效权限信息图像的新型注意力分层迷你残差网络架构进行安卓恶意软件检测

PermQRDroid: Android malware detection with novel attention layered mini-ResNet architecture over effective permission information image.

作者信息

Kılıç Kazım, Doğru İbrahim Alper, Toklu Sinan

机构信息

IoTLab, Department of Computer Engineering, Gazi University, Ankara, Turkey.

Information Technology Faculty, Mingachevir State University, Mingeçevir, Mingeçevir, Azerbaijan.

出版信息

PeerJ Comput Sci. 2024 Oct 17;10:e2362. doi: 10.7717/peerj-cs.2362. eCollection 2024.

DOI:10.7717/peerj-cs.2362
PMID:39650383
原文链接:https://pmc.ncbi.nlm.nih.gov/articles/PMC11623236/
Abstract

BACKGROUND

The Android operating system holds the vast majority of the market share in smart device usage worldwide. The Android operating system, which is of interest to users, is increasing its usage rate day by day due to its open source nature and free applications. Applications can be installed on the Android operating system from official application markets and unofficial third-party environments, which poses a great risk to users' privacy and security.

METHODS

In this study, an attention-layered mini-ResNet model is proposed, which can detect QR code-like images created using the 100 most effective defined permission information of Android applications. In the proposed method, permission information is obtained from four different datasets with different number of applications. QR code-like images of size 10x10x1 are created by selecting effective permissions using the chi-square technique. In the proposed classification architecture, residual layers are used to avoid ignoring the residual features of the images, and attention layers are used to focus on specific regions after each residual layer. The proposed architecture has a low number of parameters and memory consumption despite adding the residual layer and the weighting operations in the attention layer.

RESULTS

Using the proposed method, accuracy values of 96.95%, 98.34%, 98.33% and 100% were achieved, respectively, on four datasets containing applications obtained from different sources such as Androzoo, Drebin, Genome and Google Play Store. On the Mix dataset, which is a combination of four datasets, an accuracy value of 96.7% was produced with the proposed method. When 10-fold cross validation was applied to reduce the suggested bias, accuracy values of 97.50%, 98.62%, 98%, 94% and 97.61% were obtained, respectively. The success and durability of the proposed method in different environments have been tested through experiments conducted on different datasets. The results show that the proposed method exhibits better classification performance compared to classical machine learning algorithms, deep learning-based studies using permission information, and similar image-based studies.

摘要

背景

安卓操作系统在全球智能设备使用中占据绝大多数市场份额。受用户关注的安卓操作系统,因其开源特性和免费应用,其使用率日益增加。应用程序可从官方应用市场和非官方第三方环境安装到安卓操作系统上,这对用户隐私和安全构成巨大风险。

方法

在本研究中,提出了一种注意力分层的迷你残差网络模型,该模型能够检测使用安卓应用100个最有效的定义权限信息创建的类似二维码的图像。在所提出的方法中,权限信息从四个包含不同数量应用程序的不同数据集中获取。通过使用卡方技术选择有效权限,创建大小为10x10x1的类似二维码的图像。在所提出的分类架构中,使用残差层以避免忽略图像的残差特征,并在每个残差层之后使用注意力层来聚焦特定区域。尽管在注意力层中添加了残差层和加权操作,但所提出的架构具有较少的参数数量和内存消耗。

结果

使用所提出的方法,在包含从不同来源(如Androzoo、Drebin、Genome和谷歌应用商店)获取的应用程序的四个数据集上,分别取得了96.95%、98.34%、98.33%和100%的准确率值。在由四个数据集组合而成的混合数据集上,所提出的方法产生了96.7%的准确率值。当应用10折交叉验证以减少所建议的偏差时,分别获得了97.50%、98.62%、98%、94%和97.61%的准确率值。通过在不同数据集上进行的实验,测试了所提出的方法在不同环境中的成功率和耐久性。结果表明,与经典机器学习算法、使用权限信息的基于深度学习的研究以及类似的基于图像的研究相比,所提出的方法表现出更好的分类性能。

https://cdn.ncbi.nlm.nih.gov/pmc/blobs/a2e4/11623236/90710b2c847c/peerj-cs-10-2362-g005.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/a2e4/11623236/30b3bf2b5f2c/peerj-cs-10-2362-g001.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/a2e4/11623236/28a08f198692/peerj-cs-10-2362-g002.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/a2e4/11623236/b7cc1b337448/peerj-cs-10-2362-g003.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/a2e4/11623236/bf8770808f0e/peerj-cs-10-2362-g004.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/a2e4/11623236/90710b2c847c/peerj-cs-10-2362-g005.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/a2e4/11623236/30b3bf2b5f2c/peerj-cs-10-2362-g001.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/a2e4/11623236/28a08f198692/peerj-cs-10-2362-g002.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/a2e4/11623236/b7cc1b337448/peerj-cs-10-2362-g003.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/a2e4/11623236/bf8770808f0e/peerj-cs-10-2362-g004.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/a2e4/11623236/90710b2c847c/peerj-cs-10-2362-g005.jpg

相似文献

1
PermQRDroid: Android malware detection with novel attention layered mini-ResNet architecture over effective permission information image.PermQRDroid:基于有效权限信息图像的新型注意力分层迷你残差网络架构进行安卓恶意软件检测
PeerJ Comput Sci. 2024 Oct 17;10:e2362. doi: 10.7717/peerj-cs.2362. eCollection 2024.
2
Android malware detection using hybrid ANFIS architecture with low computational cost convolutional layers.使用具有低计算成本卷积层的混合自适应神经模糊推理系统(ANFIS)架构进行安卓恶意软件检测。
PeerJ Comput Sci. 2022 Sep 26;8:e1092. doi: 10.7717/peerj-cs.1092. eCollection 2022.
3
A detection method for android application security based on TF-IDF and machine learning.基于 TF-IDF 和机器学习的安卓应用安全检测方法。
PLoS One. 2020 Sep 11;15(9):e0238694. doi: 10.1371/journal.pone.0238694. eCollection 2020.
4
AMDDLmodel: Android smartphones malware detection using deep learning model.AMDDL 模型:基于深度学习模型的安卓智能手机恶意软件检测。
PLoS One. 2024 Jan 19;19(1):e0296722. doi: 10.1371/journal.pone.0296722. eCollection 2024.
5
Artificial Intelligence Algorithms for Malware Detection in Android-Operated Mobile Devices.人工智能算法在安卓操作系统移动设备中的恶意软件检测。
Sensors (Basel). 2022 Mar 15;22(6):2268. doi: 10.3390/s22062268.
6
An accurate approach to discriminate android colluded malware from single app malware using permissions intelligence.一种利用权限智能来区分安卓协同恶意软件和单个应用恶意软件的准确方法。
Sci Rep. 2025 Mar 28;15(1):10680. doi: 10.1038/s41598-025-86568-w.
7
A static analysis approach for Android permission-based malware detection systems.基于静态分析的 Android 权限型恶意软件检测系统。
PLoS One. 2021 Sep 30;16(9):e0257968. doi: 10.1371/journal.pone.0257968. eCollection 2021.
8
FG-Droid: Grouping based feature size reduction for Android malware detection.FG-Droid:用于安卓恶意软件检测的基于分组的特征尺寸缩减
PeerJ Comput Sci. 2022 Jul 14;8:e1043. doi: 10.7717/peerj-cs.1043. eCollection 2022.
9
Deep Feature Extraction and Classification of Android Malware Images.安卓恶意软件图像的深度特征提取与分类。
Sensors (Basel). 2020 Dec 8;20(24):7013. doi: 10.3390/s20247013.
10
MFDroid: A Stacking Ensemble Learning Framework for Android Malware Detection.MFDroid:一种用于 Android 恶意软件检测的堆叠集成学习框架。
Sensors (Basel). 2022 Mar 28;22(7):2597. doi: 10.3390/s22072597.

引用本文的文献

1
BlockDroid: detection of Android malware from images using lightweight convolutional neural network models with ensemble learning and blockchain for mobile devices.BlockDroid:使用带有集成学习和区块链的轻量级卷积神经网络模型从图像中检测安卓恶意软件,用于移动设备。
PeerJ Comput Sci. 2025 May 30;11:e2918. doi: 10.7717/peerj-cs.2918. eCollection 2025.

本文引用的文献

1
PermDroid a framework developed using proposed feature selection approach and machine learning techniques for Android malware detection.PermDroid是一个使用所提出的特征选择方法和机器学习技术开发的用于安卓恶意软件检测的框架。
Sci Rep. 2024 May 10;14(1):10724. doi: 10.1038/s41598-024-60982-y.
2
AndroDex: Android Dex Images of Obfuscated Malware.AndroDex:混淆恶意软件的 Android Dex 映像。
Sci Data. 2024 Feb 16;11(1):212. doi: 10.1038/s41597-024-03027-3.
3
Evaluation and classification of obfuscated Android malware through deep learning using ensemble voting mechanism.
基于集成投票机制的深度学习评估和分类混淆型 Android 恶意软件。
Sci Rep. 2023 Feb 22;13(1):3093. doi: 10.1038/s41598-023-30028-w.
4
AndroMalPack: enhancing the ML-based malware classification by detection and removal of repacked apps for Android systems.AndroMalPack:通过检测和移除针对 Android 系统的重打包应用,增强基于机器学习的恶意软件分类。
Sci Rep. 2022 Nov 14;12(1):19534. doi: 10.1038/s41598-022-23766-w.
5
Android malware detection using hybrid ANFIS architecture with low computational cost convolutional layers.使用具有低计算成本卷积层的混合自适应神经模糊推理系统(ANFIS)架构进行安卓恶意软件检测。
PeerJ Comput Sci. 2022 Sep 26;8:e1092. doi: 10.7717/peerj-cs.1092. eCollection 2022.
6
FG-Droid: Grouping based feature size reduction for Android malware detection.FG-Droid:用于安卓恶意软件检测的基于分组的特征尺寸缩减
PeerJ Comput Sci. 2022 Jul 14;8:e1043. doi: 10.7717/peerj-cs.1043. eCollection 2022.
7
A Survey of Convolutional Neural Networks: Analysis, Applications, and Prospects.卷积神经网络综述:分析、应用与展望
IEEE Trans Neural Netw Learn Syst. 2022 Dec;33(12):6999-7019. doi: 10.1109/TNNLS.2021.3084827. Epub 2022 Nov 30.
8
AndroAnalyzer: android malicious software detection based on deep learning.安卓分析器:基于深度学习的安卓恶意软件检测
PeerJ Comput Sci. 2021 May 10;7:e533. doi: 10.7717/peerj-cs.533. eCollection 2021.
9
Deep learning.深度学习。
Nature. 2015 May 28;521(7553):436-44. doi: 10.1038/nature14539.