English  |  正體中文  |  简体中文  |  全文筆數/總筆數 : 80990/80990 (100%)
造訪人次 : 41645120      線上人數 : 1221
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
  • 進階搜尋


    請使用永久網址來引用或連結此文件: http://ir.lib.ncu.edu.tw/handle/987654321/86607


    題名: 使用於行動惡意程式偵測之 局部權重系統呼叫序列壓縮方法;Local weight system calls sequence compression method used in mobile malware detection
    作者: 劉育祺;Liu, Yu-Chi
    貢獻者: 資訊管理學系
    關鍵詞: Android 惡意程式分析;動態分析;系統呼叫序列;系統呼叫序列;深度學習;Android malware detection;Dynamic analysis;System call sequence;long sequence compression method;Deep learning
    日期: 2021-07-26
    上傳時間: 2021-12-07 13:01:15 (UTC+8)
    出版者: 國立中央大學
    摘要: 隨著近年來持有行動裝置的數量逐漸增長,且越來越多的使用者將個人隱私資訊儲存於行動裝置,而其中以Android作業系統為最受歡迎的平台,但由於其平台開放性的緣故,使得大量的駭客以Android平台為首要攻擊目標,嚴重影響使用者的隱私安全。在Android惡意程式偵測領域中的動態分析能夠藉由將程式實際執行並透過將執行過程紀錄,實際了解程式實際執行的行為,並加以分析,其中常見的特徵為系統呼叫,同時隨著近年來深度學習的快速發展,使得惡意程式偵測領域達到更佳的分析結果。但由於取得的系統呼叫序列為應用程式執行一段時間所產生的執行紀錄,因此取得到的特徵屬於一段長序列,而長序列特徵會造成深度學習的模型訓練不佳以及訓練時間過長的問題,因此本研究提出一種基於局部權重的系統呼叫序列壓縮方法,能使壓縮的序列仍具有序列關係,並透過局部權重方法強化壓縮過的序列特徵,使深度學習模型快速訓練且達到高準確率的效果,並在二元分類的表現Accuracy以及F1-Score達到95.32%以及95.31%。;With the gradual increase in the number of mobile devices held in recent years, and more and more users store personal privacy information on their mobile devices. And the Android operating system is the most popular operating system. However, due to the openness of its platform, a large number of hackers take the Android platform as the primary target of attack, which seriously affects the privacy and security of users. Dynamic analysis in the field of Android malware detection can analyze the actual execution behavior of the application by actually executing the application and recording the execution process. The common feature in Dynamic analysis is system calls. At the same time, with the rapid development of deep learning in recent years, the field of Android malware detection has achieved better analysis results. However, the extracted system call sequence is an execution record generated by the application running for a period of time, it belongs to a long sequence, and the long sequence features will cause problems such as poor training of the deep learning model and excessive training time. Therefore, this research proposes a system call sequence compression method based on local weights, which can make the compressed sequence still have sequence relationship, and strengthen the compressed sequence features through the local weight method, so that the deep learning model can be trained quickly and achieve high accuracy. And the performance Accuracy and F1-Score in the binary classification reached 95.32% and 95.31%.
    顯示於類別:[資訊管理研究所] 博碩士論文

    文件中的檔案:

    檔案 描述 大小格式瀏覽次數
    index.html0KbHTML79檢視/開啟


    在NCUIR中所有的資料項目都受到原著作權保護.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明