Efficient Net結合自動編碼器壓縮模型之Android惡意程式偵測研究

以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：50

、訪客IP：3.139.98.10

姓名

廖舶凱(Po-Kai Liao) 查詢紙本館藏

畢業系所

資訊管理學系

論文名稱

Efficient Net結合自動編碼器壓縮模型之Android惡意程式偵測研究
(Efficient Net combined with autoencoder compression model for Android malware detection)

相關論文

★ 應用數位版權管理機制於數位影音光碟內容保護之研究	★ 以應用程式虛擬化技術達成企業軟體版權管理之研究
★ 以IAX2為基礎之網頁電話架構設計	★ 應用機器學習技術協助警察偵辦詐騙案件之研究
★ 擴充防止詐欺及保護隱私功能之帳戶式票務系統研究-以大眾運輸為例	★ 網際網路半結構化資料之蒐集與整合研究
★ 電子商務環境下網路購物幫手之研究	★ 網路安全縱深防護機制之研究
★ 國家寬頻實驗網路上資源預先保留與資源衝突之研究	★ 以樹狀關聯式架構偵測電子郵件病毒之研究
★ 考量地區差異性之隨選視訊系統影片配置研究	★ 不信任區域網路中數位證據保留之研究
★ 入侵偵測系統事件說明暨自動增加偵測規則之整合性輔助系統研發	★ 利用程序追蹤方法關聯分散式入侵偵測系統之入侵警示研究
★ 一種網頁資訊擷取程式之自動化產生技術研發	★ 應用XML/XACML於工作流程管理系統之授權管制研究

檔案

[Endnote RIS 格式]

[Bibtex 格式]

[相關文章]

[文章引用]

[完整記錄]

[館藏目錄]

[檢視]

[下載]

本電子論文使用權限為同意立即開放。
已達開放權限電子全文僅授權使用者為學術研究之目的，進行個人非營利性質之檢索、閱讀、列印。
請遵守中華民國著作權法之相關規定，切勿任意重製、散佈、改作、轉貼、播送，以免觸法。

摘要(中)

現今的行動裝置普及，再加上Android作業系統的市占率越來越高，Android惡意程式增長速度越來越快，要如何準確且快速的檢測惡意程式是一個重要的議題。本論文以靜態分析作研究，並且將現今流行的圖像技術應用至Android惡意程式檢測領域中，與現有研究不同的是本研究目標設計出一種有效的分類模型，來解決惡意程式分析上模型的訓練時間冗長的問題。現有圖像惡意程式研究，大多採用VGG Net作為分類器且訓練時間冗長，本研究將自動編碼器(Autoencoder)與圖像領域上使用的深度卷積神經網路(Convolutional Neural Network)結合，運用在惡意程式分析上，旨在縮短訓練時間且達到良好的準確度。自動編碼器（Autoencoder）透過卷積層可以將輸入圖片進行特徵萃取，獲取更低維的向量，此過程可以當作是一種圖像壓縮技術，並提取重要資訊，捨棄不需要的圖像特徵；現今圖像領域中深層卷積模型Efficient Net以較多的卷積層數來獲取圖片更細節特徵，再加上有殘差網路(Residual Network)架構，減少網路退化的問題。本研究採用卷積自動編碼器，並證實可以提取惡意程式特徵將資料集維度縮小，減少訓練時間，並利用Efficient Net作為分類器，在準確度不變的前提下，縮短75%到80%至約500秒的訓練時間。

摘要(英)

With the popularity of mobile devices today and the increasing market share of Android operating systems, Android malware is growing faster and faster. How to detect malware accurately and quickly is an important issue. This paper uses static analysis for research, and applies today′s popular image technology to the Android malware detection field. Unlike the existing research, this research goal is to design an effective classification model to solve the problem of lengthy training time and can also improve accuracy. Most of the existing image malware researches use VGG Net as the classifier and they cost lots of time to train. This study combines the Autoencoder and the deep convolutional neural network used in the image field. The malware analysis aims to shorten the training time and achieve good accuracy. Autoencoder can extract feature of input picture through convolutional layer to obtain lower dimensional vector. This process can be regarded as an image compression technology. By extracting important information and discarding unnecessary image features to reduce the dimension. Nowadays in the image field, the deep convolution model Efficient Net uses more convolution layers to obtain more detailed features of the picture, plus a Residual Network architecture to reduce the problem of network degradation. This study uses a convolutional autoencoder and proves that it can extract malware features to reduce the dimension of the data set and reduce training time. under the premise of using different data sets and unchanged accuracy, shorten Up to about 500 seconds of training time.

關鍵字(中)

★ Efficient Net
★ Autoencoder
★ 靜態分析
★ 深度學習
★ Android

關鍵字(英)

論文目次

論文摘要 vi
Abstract vii
目錄 viii
圖目錄 x
表目錄 xii
第一章緒論 1
1-1 研究背景 1
1-2 研究動機 3
1-3 研究貢獻 6
1-4 章節架構 7
第二章相關研究 8
2-1 以操作碼為特徵之研究 8
2-2 以自動編碼器為模型之研究 10
2-3 以卷積神經網路為分類模型之研究 13
2-4 小結 16
第三章系統設計 18
3-1 系統架構 18
3-1-1 資料前處理 19
3-1-2 分類 26
3-1-3 評估指標 28
3-2 系統運作流程 30
第四章實驗結果 32
4-1 實驗環境與使用資料集 32
4-1-1 實驗設計 32
4-1-2 資料集 33
4-2 探討自動編碼器架構實驗 35
4-2-1 實驗一 35
4-3 與類似研究進行比較 42
4-3-1 實驗二 42
4-4 消融測試 45
4-4-1 實驗三 45
4-5 比較Efficient Net與VGG16之效能 49
4-5-1 實驗四 49
4-6 實驗結果與討論 51
第五章結論與未來研究 52
5-1 結論與貢獻 52
5-2 未來研究 54
參考文獻 56

參考文獻

[參考網站]
[1] Statcounter, "Mobile Operating System Market Share Worldwide," Available: https://gs.statcounter.com/os-market-share/mobile/worldwide, 2020.
[2] McAfee, "McAfee Labs Threats Report," Available: https://www.mcafee.com/enterprise/en-us/assets/reports/rp-quarterly-threats-aug-2019.pdf 2019.
[3] Wiki, "Static program analysis," Available:https://en.wikipedia.org/wiki/Static_program_analysis.
[4] Wiki, "Dynamic program analysis," Available: https://en.wikipedia.org/wiki/Dynamic_program_analysis.
[25] "Apktool(A tool for reverse engineering 3rd party)," Available: https://ibotpeaches.github.io/Apktool.
[27] "APKPure," Available: https://apkpure.com/tw/.
[28] "Android Drebin Project," Available: https://www.sec.cs.tu-bs.de/~danarp/drebin/.
[29] "Android Malware Dataset," Available: http://amd.arguslab.org/.
[33] Wiki, "Ensemble Learning," https://zh.wikipedia.org/wiki/%E9%9B%86%E6%88%90%E5%AD%A6%E4%B9%A0.
[中文文獻]
[6] 游子慧, "基於靜態特徵與機器學習之 Android 惡意程式分類研究," National Central University, 2017.
[7] 王奕鈞, "Android 平台下整合控制流與操作碼之惡意程式分析," National Central University, 2018.
[22] 張櫻瀞, "整合注意力機制與圖像化操作碼之 Android 惡意程式分析研究," National Central University, 2019.

[英文文獻]
[8] T. Hsien-De Huang and H.-Y. Kao, "R2-D2: color-inspired convolutional neural network (CNN)-based android malware detections," in 2018 IEEE International Conference on Big Data (Big Data), 2018: IEEE, pp. 2633-2642.
[9] L. Nataraj, S. Karthikeyan, G. Jacob, and B. S. Manjunath, "Malware images: visualization and automatic classification," in Proceedings of the 8th international symposium on visualization for cyber security, 2011, pp. 1-7.
[10] M. Kumari, G. Hsieh, and C. A. Okonkwo, "Deep Learning Approach To Malware Multi-Class Classification Using Image Processing Techniques," in 2017 International Conference on Computational Science and Computational Intelligence (CSCI), 2017: IEEE, pp. 13-18.
[11] K. Simonyan and A. Zisserman, "Very deep convolutional networks for large-scale image recognition," arXiv preprint arXiv:1409.1556, 2014.
[12] E. Rezende, G. Ruppert, T. Carvalho, A. Theophilo, F. Ramos, and P. de Geus, "Malicious software classification using VGG16 deep neural network’s bottleneck features," in Information Technology-New Generations: Springer, 2018, pp. 51-59.
[13] M. Tan and Q. V. Le, "Efficientnet: Rethinking model scaling for convolutional neural networks," arXiv preprint arXiv:1905.11946, 2019.
[14] N. McLaughlin et al., "Deep android malware detection," in Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy, 2017, pp. 301-308.
[15] Q. Jerome, K. Allix, R. State, and T. Engel, "Using opcode-sequences to detect malicious Android applications," in 2014 IEEE International Conference on Communications (ICC), 2014: IEEE, pp. 914-919.
[16] Y.-l. Zhao and Q. Qian, "Android malware identification through visual exploration of disassembly files," International Journal of Network Security, vol. 20, no. 6, pp. 1061-1073, 2018.
[17] I. Santos, F. Brezo, X. Ugarte-Pedrero, and P. G. Bringas, "Opcode sequences as representation of executables for data-mining-based unknown malware detection," Information Sciences, vol. 231, pp. 64-82, 2013.
[18] A. Naway and Y. Li, "Android Malware Detection Using Autoencoder," arXiv preprint arXiv:1901.07315, 2019.
[19] J.-Y. Kim and S.-B. Cho, "Detecting intrusive malware with a hybrid generative deep learning model," in International Conference on Intelligent Data Engineering and Automated Learning, 2018: Springer, pp. 499-507.
[20] N. He, T. Wang, P. Chen, H. Yan, and Z. Jin, "An Android malware detection method based on deep autoencoder," in Proceedings of the 2018 artificial intelligence and cloud computing conference, 2018, pp. 88-93.
[21] T. S. John, T. Thomas, and M. M. Uddin, "A Multifamily Android Malware Detection Using Deep Autoencoder Based Feature Extraction," in 2017 Ninth International Conference on Advanced Computing (ICoAC), 2017.
[23] D. Vasan, M. Alazab, S. Wassan, H. Naeem, B. Safaei, and Q. Zheng, "IMCFN: Image-based malware classification using fine-tuned convolutional neural network architecture," Computer Networks, vol. 171, p. 107138, 2020.
[24] J. Yan, Y. Qi, and Q. Rao, "Detecting malware with an ensemble method based on deep neural network," Security and Communication Networks, vol. 2018, 2018.
[26] L. I. Smith, "A tutorial on principal components analysis," 2002.
[27] R. Hecht-Nielsen, "Theory of the backpropagation neural network," in Neural networks for perception: Elsevier, 1992, pp. 65-93.
[31] Y. Zhang, Y. Yang, and X. Wang, "A novel android malware detection approach based on convolutional neural network," in Proceedings of the 2nd International Conference on Cryptography, Security and Privacy, 2018, pp. 144-149.
[32] R. Nix and J. Zhang, "Classification of android apps and malware using deep neural networks," in 2017 International joint conference on neural networks (IJCNN), 2017: IEEE, pp. 1871-1878.

指導教授

陳奕明

審核日期

2020-7-29

推文