利用GNNExplainer分析第三方API改善敏感子圖提取方法以提升Android惡意程式檢測能力

以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：87

、訪客IP：18.117.154.134

姓名

張華哲(Hua-Che Chang) 查詢紙本館藏

畢業系所

資訊管理學系

論文名稱

利用GNNExplainer分析第三方API改善敏感子圖提取方法以提升Android惡意程式檢測能力
(Enhancing Android Malware Detection through Improved Sensitive Subgraph:A GNNExplainer-based Approach for Third-party API Analysis)

相關論文

★ 應用數位版權管理機制於數位影音光碟內容保護之研究	★ 以應用程式虛擬化技術達成企業軟體版權管理之研究
★ 以IAX2為基礎之網頁電話架構設計	★ 應用機器學習技術協助警察偵辦詐騙案件之研究
★ 擴充防止詐欺及保護隱私功能之帳戶式票務系統研究-以大眾運輸為例	★ 網際網路半結構化資料之蒐集與整合研究
★ 電子商務環境下網路購物幫手之研究	★ 網路安全縱深防護機制之研究
★ 國家寬頻實驗網路上資源預先保留與資源衝突之研究	★ 以樹狀關聯式架構偵測電子郵件病毒之研究
★ 考量地區差異性之隨選視訊系統影片配置研究	★ 不信任區域網路中數位證據保留之研究
★ 入侵偵測系統事件說明暨自動增加偵測規則之整合性輔助系統研發	★ 利用程序追蹤方法關聯分散式入侵偵測系統之入侵警示研究
★ 一種網頁資訊擷取程式之自動化產生技術研發	★ 應用XML/XACML於工作流程管理系統之授權管制研究

檔案

[Endnote RIS 格式]

[Bibtex 格式]

[相關文章]

[文章引用]

[完整記錄]

[館藏目錄]

至系統瀏覽論文 (2026-7-31以後開放)

摘要(中)

隨著Android平台的普及和應用程式功能的不斷擴展，第三方函式庫的使用日益普遍。然而這些未經嚴格審核的函式庫可能存在安全隱患，成為惡意程式的潛在工具，引發供應鏈攻擊等新型威脅。本研究旨在改進現有的Android惡意程式檢測系統，特別聚焦於改善敏感子圖的前處理方法。我們的目標是防止攻擊者利用第三方函式庫中的API執行敏感行為或利用先前研究認定為無害的API來製作的危害第三方函式庫，通過改善圖結構前處理方式，以提高檢測系統對新興威脅的防禦能力。
本研究採用了圖神經網路和GNNExplainer解釋性技術，提出了一種創新的方法來評估敏感的第三方函式庫API。通過分析GNNExplainer生成的惡意和良性行為子圖，並結合本研究的敏感API評分方法能夠有效辨別出調用敏感資訊和執行敏感操作的第三方API，同時也能辨別具有類似行為的官方API。基於這個全面的敏感API列表，我們生成更加精確和完整的敏感子圖，作為惡意程式檢測模型的輸入。
根據實驗結果，本方法在保留完整惡意行為的同時，有效降低了圖結構的複雜性。相較於現有研究如SFCGDroid和DGCNDroid的敏感子圖方法，本方法在多項檢測指標上均有所提升。現有模型架構下本方法的敏感子圖F1-Score可以達到96.33%，比SFCGDroid、DGCNDroid表現分別高出1%、2%，訓練時間分別減少了3%、58%。除此之外，本研究提出的檢測系統在CICMalDroid2020與AndroZoo資料集中F1-Score的表現高達98.65%，也相比於現有敏感子圖檢測系統F1-Score表現好上1~4%，並且訓練時間可以減少3倍以上。

摘要(英)

The increasing use of third-party libraries in Android applications has introduced new security vulnerabilities, including potential supply chain attacks. This research aims to enhance Android malware detection systems by improving the preprocessing of sensitive subgraphs. Our focus is on preventing attackers from exploiting third-party library APIs to perform sensitive operations or utilizing APIs previously deemed harmless to create malicious third-party libraries. These malicious activities could include unauthorized access to sensitive information, execution of harmful operations, or compromising the integrity of the host application.
We propose an innovative method using graph neural networks and GNNExplainer to evaluate sensitive APIs in third-party libraries and official Android APIs. By analyzing behavior subgraphs and employing our novel API scoring technique, we generate more precise sensitive subgraphs for enhanced malware detection.
Experimental results show that our method reduces graph complexity while preserving malicious behaviors. Our approach achieves a sensitive subgraph F1-Score of 96.33%, outperforming existing methods like SFCGDroid and DGCNDroid by 1-2%, with reduced training times. On the CICMalDroid2020 and AndroZoo datasets, our system reaches an F1-Score of 98.65%, surpassing current systems by 1-4% while reducing training time by over 4 times. These improvements significantly enhance the detection system′s capabilities against emerging Android application threats.

關鍵字(中)

★ 敏感子圖
★ 第三方函式庫API
★ 解釋性技術
★ 圖神經網路
★ Android惡意程式檢測系統

關鍵字(英)

★ Sensitive Subgraphs
★ Third-Party Library APIs
★ Explainable AI
★ Graph Neural Networks
★ Android Malware Detection System

論文目次

Abstract iii
誌謝 iv
目錄 v
圖目錄 vii
表目錄 ix
一、緒論 1
1-1 研究背景 1
1-2 研究動機 2
1-3 研究目的 5
1-4 研究貢獻 5
1-5 章節架構 6
二、文獻探討 7
2-1 Android惡意程式檢測系統 7
2-2 第三方函式庫安全問題 8
2-2-1 隱私洩漏 8
2-2-2 函式庫漏洞 9
2-2-3 惡意第三方函式庫 9
2-2-4 廣告詐欺 11
2-3 敏感子圖 12
2-3-1 敏感類別 12
2-3-2 敏感API列表 13
2-4 API節點語意特徵 14
2-5 圖神經網路 17
2-6 相關研究小結 19
三、研究方法 20
3-1 系統架構 20
3-2 敏感API分析模組 20
3-2-1 特徵生成模組(Feature Generator Module) 21
3-2-2 行為子圖生成 24
3-2-3 API敏感度計算 28
3-3 模型檢測模組 30
3-3-1 敏感子圖生成 30
3-3-2 GNN模型訓練與預測惡意程式 32
四、實驗與結果分析 34
4-1 實驗環境 34
4-1-1 硬體設備 34
4-1-2 軟體環境 35
4-1-3 實驗資料集 36
4-2 評估指標 36
4-3 評估問題 38
4-4 實驗設計與結果 38
4-4-1 實驗一 39
4-4-2 實驗二 47
4-4-3 實驗三 51
4-4-4 實驗四 53
4-4-5 實驗五 60
五、結論與未來研究 64
5-1 研究結論 64
5-2 研究限制 65
5-3 未來研究 65

參考文獻

[1] “Mobile network subscriptions worldwide 2028,” Statista. Accessed: Mar. 12, 2024. [Online]. Available: https://www.statista.com/statistics/330695/number-of-smartphone-users-worldwide/
[2] “Smartphone market shares by vendor 2009-2023,” Statista. Accessed: Mar. 12, 2024. [Online]. Available: https://www.statista.com/statistics/271496/global-market-share-held-by-smartphone-vendors-since-4th-quarter-2009/
[3] “How to detect and avoid malware on Android devices,” usa.kaspersky.com. Accessed: Mar. 12, 2024. [Online]. Available: https://usa.kaspersky.com/resource-center/preemptive-safety/avoid-android-malware
[4] F. Deldar and M. Abadi, “Deep Learning for Zero-day Malware Detection and Classification: A Survey,” ACM Comput. Surv., vol. 56, no. 2, Sep. 2023, doi: 10.1145/3605775.
[5] G. He, B. Xu, L. Zhang, and H. Zhu, “On-Device Detection of Repackaged Android Malware via Traffic Clustering,” Security and Communication Networks, vol. 2020, p. 8630748, May 2020, doi: 10.1155/2020/8630748.
[6] M. Fan et al., “Android Malware Familial Classification and Representative Sample Selection via Frequent Subgraph Analysis,” IEEE Transactions on Information Forensics and Security, vol. 13, no. 8, pp. 1890–1905, 2018, doi: 10.1109/TIFS.2018.2806891.
[7] “Most frequent trackers - Google Play,” exodus. Accessed: Jun. 26, 2024. [Online]. Available: https://reports.exodus-privacy.eu.org/en/trackers/stats/
[8] X. Zhan et al., “Research on Third-Party Libraries in Android Apps: A Taxonomy and Systematic Literature Review,” IEEE Transactions on Software Engineering, vol. 48, no. 10, pp. 4181–4213, Oct. 2022, doi: 10.1109/TSE.2021.3114381.
[9] “SpinOk 惡意軟體 - Check Point 軟體,” Check Point Software. Accessed: Jun. 26, 2024. [Online]. Available: https://www.checkpoint.com/tw/cyber-hub/threat-prevention/what-is-malware/spinok-malware/
[10] S. Chen, B. Lang, H. Liu, Y. Chen, and Y. Song, “Android malware detection method based on graph attention networks and deep fusion of multimodal features,” Expert Systems with Applications, vol. 237, p. 121617, Mar. 2024, doi: 10.1016/j.eswa.2023.121617.
[11] H. Wu, N. Luktarhan, G. Tian, and Y. Song, “An Android Malware Detection Approach to Enhance Node Feature Differences in a Function Call Graph Based on GCNs,” Sensors, vol. 23, no. 10, 2023, doi: 10.3390/s23104729.
[12] Z. Liu, R. Wang, N. Japkowicz, H. M. Gomes, B. Peng, and W. Zhang, “SeGDroid: An Android malware detection method based on sensitive function call graph learning,” Expert Systems with Applications, vol. 235, p. 121125, 2024, doi: https://doi.org/10.1016/j.eswa.2023.121125.
[13] S. Shi, S. Tian, B. Wang, T. Zhou, and G. Chen, “SFCGDroid: android malware detection based on sensitive function call graph,” International Journal of Information Security, vol. 22, no. 5, pp. 1115–1124, Oct. 2023, doi: 10.1007/s10207-023-00679-x.
[14] Y. He, Y. Liu, L. Wu, Z. Yang, K. Ren, and Z. Qin, “MsDroid: Identifying Malicious Snippets for Android Malware Detection,” IEEE Transactions on Dependable and Secure Computing, vol. 20, no. 3, pp. 2025–2039, Jun. 2023, doi: 10.1109/TDSC.2022.3168285.
[15] L. Gong et al., “Systematically Landing Machine Learning onto Market-Scale Mobile Malware Detection,” IEEE Transactions on Parallel and Distributed Systems, vol. 32, no. 7, pp. 1615–1628, 2021, doi: 10.1109/TPDS.2020.3046092.
[16] F. Ou and J. Xu, “S3Feature: A static sensitive subgraph-based feature for android malware detection,” Computers & Security, vol. 112, p. 102513, Jan. 2022, doi: 10.1016/j.cose.2021.102513.
[17] H.-H. Yang, “A Research of Android Anti-Obfuscated Malware Detection Combined with Function Call Graph Semantic Feature and Domain Adaptation,” presented at the Cryptology and Information Security Conference 2023, 2023.
[18] X. Zhan et al., “A Systematic Assessment on Android Third-Party Library Detection Tools,” IEEE Transactions on Software Engineering, vol. 48, no. 11, pp. 4249–4273, Jan. 2022, doi: 10.1109/TSE.2021.3115506.
[19] H.-Y. Wang, Y. Guo, Z.-A. Ma, and X.-Q. Chen, “Automated Detection and Classification of Third-Party Libraries in Large Scale Android Apps,” Ruan Jian Xue Bao/Journal of Software, vol. 28, pp. 1373–1388, Jun. 2017, doi: 10.13328/j.cnki.jos.005221.
[20] Z. Ying, D. Bourgeois, J. You, M. Zitnik, and J. Leskovec, “GNNExplainer: Generating Explanations for Graph Neural Networks,” in Advances in Neural Information Processing Systems, H. Wallach, H. Larochelle, A. Beygelzimer, F. d’Alché-Buc, E. Fox, and R. Garnett, Eds., Curran Associates, Inc., 2019. [Online]. Available: https://proceedings.neurips.cc/paper_files/paper/2019/file/d80b7040b773199015de6d3b4293c8ff-Paper.pdf
[21] Y. Wu, C. Sun, D. Zeng, G. Tan, S. Ma, and P. Wang, “LibScan: towards more precise third-party library identification for android applications,” in Proceedings of the 32nd USENIX Conference on Security Symposium, in SEC ’23. USA: USENIX Association, Aug. 2023, pp. 3385–3402.
[22] Y. Yang, X. Du, Z. Yang, and X. Liu, “Android Malware Detection Based on Structural Features of the Function Call Graph,” Electronics, vol. 10, no. 2, Art. no. 2, Jan. 2021, doi: 10.3390/electronics10020186.
[23] N. Peiravian and X. Zhu, “Machine Learning for Android Malware Detection Using Permission and API Calls,” in 2013 IEEE 25th International Conference on Tools with Artificial Intelligence, 2013, pp. 300–305. doi: 10.1109/ICTAI.2013.53.
[24] Z. Ma, H. Ge, Y. Liu, M. Zhao, and J. Ma, “A Combination Method for Android Malware Detection Based on Control Flow Graphs and Machine Learning Algorithms,” IEEE Access, vol. 7, pp. 21235–21245, 2019, doi: 10.1109/ACCESS.2019.2896003.
[25] H. Haidros Rahima Manzil and M. Naik S, “DynaMalDroid: Dynamic Analysis-Based Detection Framework for Android Malware Using Machine Learning Techniques,” in 2022 International Conference on Knowledge Engineering and Communication Systems (ICKES), 2022, pp. 1–6. doi: 10.1109/ICKECS56523.2022.10060106.
[26] A. H. Galib and B. M. Mainul Hossain, “A Systematic Review on Hybrid Analysis using Machine Learning for Android Malware Detection,” in 2019 2nd International Conference on Innovation in Engineering and Technology (ICIET), 2019, pp. 1–6. doi: 10.1109/ICIET48527.2019.9290548.
[27] X. Zhan et al., “ATVHunter: Reliable Version Detection of Third-Party Libraries for Vulnerability Identification in Android Applications,” in Proceedings of the 43rd International Conference on Software Engineering, in ICSE ’21. Madrid, Spain: IEEE Press, Nov. 2021, pp. 1695–1707. doi: 10.1109/ICSE43902.2021.00150.
[28] “Developer Program Policy - Play Console Help.” Accessed: Jun. 26, 2024. [Online]. Available: https://support.google.com/googleplay/android-developer/answer/14906471?hl=en
[29] K. Zhao et al., “Demystifying Privacy Policy of Third-Party Libraries in Mobile Apps,” in 2023 IEEE/ACM 45th International Conference on Software Engineering (ICSE), May 2023, pp. 1583–1595. doi: 10.1109/ICSE48619.2023.00137.
[30] Z. Tan and W. Song, “PTPDroid: Detecting Violated User Privacy Disclosures to Third-Parties of Android Apps,” in 2023 IEEE/ACM 45th International Conference on Software Engineering (ICSE), May 2023, pp. 473–485. doi: 10.1109/ICSE48619.2023.00050.
[31] S. Chen et al., “Automated poisoning attacks and defenses in malware detection systems: An adversarial machine learning approach,” Computers & Security, vol. 73, pp. 326–344, Mar. 2018, doi: 10.1016/j.cose.2017.11.007.
[32] Y. Zhang et al., “Detecting third-party libraries in Android applications with high precision and recall,” in 2018 IEEE 25th International Conference on Software Analysis, Evolution and Reengineering (SANER), Mar. 2018, pp. 141–152. doi: 10.1109/SANER.2018.8330204.
[33] Y. Wang et al., “An Empirical Study of Usages, Updates and Risks of Third-Party Libraries in Java Projects,” in 2020 IEEE International Conference on Software Maintenance and Evolution (ICSME), Sep. 2020, pp. 35–45. doi: 10.1109/ICSME46990.2020.00014.
[34] “如何處理應用程式中的 Airpush 安全漏洞 - Google說明.” Accessed: Jun. 26, 2024. [Online]. Available: https://support.google.com/faqs/answer/6376737?hl=zh-Hant
[35] “如何修正有 Vpon SDK 安全性漏洞的應用程式 - Google說明.” Accessed: Jun. 26, 2024. [Online]. Available: https://support.google.com/faqs/answer/7012047?hl=zh-Hant&sjid=8809097796796517924-AP
[36] “Software Composition Analysis (SCA): A Complete Guide.” Accessed: Jun. 26, 2024. [Online]. Available: https://blog.codacy.com/software-composition-analysis-sca
[37] Z. Zhang, W. Diao, C. Hu, S. Guo, C. Zuo, and L. Li, “An empirical study of potentially malicious third-party libraries in Android apps,” in Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks, in WiSec ’20. New York, NY, USA: Association for Computing Machinery, Jul. 2020, pp. 144–154. doi: 10.1145/3395351.3399346.
[38] H. Wang, H. Li, and Y. Guo, “Understanding the Evolution of Mobile App Ecosystems: A Longitudinal Measurement Study of Google Play,” in The World Wide Web Conference, in WWW ’19. New York, NY, USA: Association for Computing Machinery, 2019, pp. 1988–1999. doi: 10.1145/3308558.3313611.
[39] M. C. Grace, W. Zhou, X. Jiang, and A.-R. Sadeghi, “Unsafe exposure analysis of mobile in-app advertisements,” in Proceedings of the Fifth ACM Conference on Security and Privacy in Wireless and Mobile Networks, in WISEC ’12. New York, NY, USA: Association for Computing Machinery, 2012, pp. 101–112. doi: 10.1145/2185448.2185464.
[40] “Mobile Advertising in 2024 - Guide To Mobile App Advertising,” adapty. Accessed: Jun. 26, 2024. [Online]. Available: https://adapty.io/blog/mobile-advertising/
[41] T. Liu et al., “MadDroid: Characterizing and Detecting Devious Ad Contents for Android Apps,” in Proceedings of The Web Conference 2020, in WWW ’20. New York, NY, USA: Association for Computing Machinery, Apr. 2020, pp. 1715–1726. doi: 10.1145/3366423.3380242.
[42] F. Dong, H. Wang, L. Li, Y. Guo, G. Xu, and S. Zhang, “How do Mobile Apps Violate the Behavioral Policy of Advertisement Libraries?,” in Proceedings of the 19th International Workshop on Mobile Computing Systems & Applications, in HotMobile ’18. New York, NY, USA: Association for Computing Machinery, 2018, pp. 75–80. doi: 10.1145/3177102.3177113.
[43] “Google AdMob - 行動應用程式營利.” Accessed: Jun. 27, 2024. [Online]. Available: https://admob.google.com/intl/zh-TW/home/
[44] F. Dong et al., “FraudDroid: automated ad fraud detection for Android apps,” in Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, in ESEC/FSE 2018. New York, NY, USA: Association for Computing Machinery, 2018, pp. 257–268. doi: 10.1145/3236024.3236045.
[45] B. Liu, S. Nath, R. Govindan, and J. Liu, “DECAF: detecting and characterizing ad fraud in mobile apps,” in Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation, in NSDI’14. USA: USENIX Association, 2014, pp. 57–70.
[46] J. Crussell, R. Stevens, and H. Chen, “MAdFraud: Investigating ad fraud in Android applications,” MobiSys 2014 - Proceedings of the 12th Annual International Conference on Mobile Systems, Applications, and Services, Jun. 2014, doi: 10.1145/2594368.2594391.
[47] M. Backes, S. Bugiel, E. Derr, P. McDaniel, D. Octeau, and S. Weisgerber, “On demystifying the android application framework: re-visiting android permission specification analysis,” in Proceedings of the 25th USENIX Conference on Security Symposium, in SEC’16. USA: USENIX Association, 2016, pp. 1101–1118.
[48] K. W. Y. Au, Y. F. Zhou, Z. Huang, and D. Lie, “PScout: analyzing the Android permission specification,” in Proceedings of the 2012 ACM Conference on Computer and Communications Security, in CCS ’12. New York, NY, USA: Association for Computing Machinery, 2012, pp. 217–228. doi: 10.1145/2382196.2382222.
[49] Z. Ding, H. Xu, Y. Guo, L. Yan, L. Cui, and Z. Hao, “Mal-Bert-GCN: Malware Detection by Combining Bert and GCN,” in 2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), 2022, pp. 175–183. doi: 10.1109/TrustCom56396.2022.00034.
[50] J. Devlin, M.-W. Chang, K. Lee, and K. Toutanova, “Bert: Pre-training of deep bidirectional transformers for language understanding,” arXiv preprint arXiv:1810.04805, 2018.
[51] T. Mikolov, K. Chen, G. Corrado, and J. Dean, “Efficient Estimation of Word Representations in Vector Space,” Sep. 06, 2013, arXiv: arXiv:1301.3781. doi: 10.48550/arXiv.1301.3781.
[52] L. C. Freeman, “Centrality in social networks conceptual clarification,” Social Networks, vol. 1, no. 3, pp. 215–239, Jan. 1978, doi: 10.1016/0378-8733(78)90021-7.
[53] “Manifest.permission | Android Developers.” Accessed: Mar. 13, 2024. [Online]. Available: https://developer.android.com/reference/android/Manifest.permission
[54] “Android Open Source Project,” GitHub. Accessed: Jun. 27, 2024. [Online]. Available: https://github.com/aosp-mirror
[55] A. Mathew, P. Amudha, and S. Sivakumari, “Deep Learning Techniques: An Overview,” in Advanced Machine Learning Technologies and Applications, A. E. Hassanien, R. Bhatnagar, and A. Darwish, Eds., Singapore: Springer Singapore, 2021, pp. 599–608.
[56] Z. Wu, S. Pan, F. Chen, G. Long, C. Zhang, and P. S. Yu, “A Comprehensive Survey on Graph Neural Networks,” IEEE Transactions on Neural Networks and Learning Systems, vol. 32, no. 1, pp. 4–24, 2021, doi: 10.1109/TNNLS.2020.2978386.
[57] M. Defferrard, X. Bresson, and P. Vandergheynst, “Convolutional Neural Networks on Graphs with Fast Localized Spectral Filtering,” Feb. 05, 2017, arXiv: arXiv:1606.09375. doi: 10.48550/arXiv.1606.09375.
[58] T. N. Kipf and M. Welling, “Semi-Supervised Classification with Graph Convolutional Networks,” Feb. 22, 2017, arXiv: arXiv:1609.02907. doi: 10.48550/arXiv.1609.02907.
[59] W. L. Hamilton, R. Ying, and J. Leskovec, “Inductive representation learning on large graphs,” in Proceedings of the 31st International Conference on Neural Information Processing Systems, in NIPS’17. Red Hook, NY, USA: Curran Associates Inc., 2017, pp. 1025–1035.
[60] J. Lee, I. Lee, and J. Kang, “Self-Attention Graph Pooling,” Jun. 13, 2019, arXiv: arXiv:1904.08082. doi: 10.48550/arXiv.1904.08082.
[61] C. Cangea, P. Veličković, N. Jovanović, T. Kipf, and P. Liò, “Towards Sparse Hierarchical Graph Classifiers,” Nov. 03, 2018, arXiv: arXiv:1811.01287. doi: 10.48550/arXiv.1811.01287.
[62] J. Gu, H. Zhu, Z. Han, X. Li, and J. Zhao, “GSEDroid: GNN-based Android malware detection framework using lightweight semantic embedding,” Computers & Security, vol. 140, p. 103807, May 2024, doi: 10.1016/j.cose.2024.103807.
[63] K. Xu, W. Hu, J. Leskovec, and S. Jegelka, “How Powerful are Graph Neural Networks?,” Feb. 22, 2019, arXiv: arXiv:1810.00826. doi: 10.48550/arXiv.1810.00826.
[64] P. Veličković, G. Cucurull, A. Casanova, A. Romero, P. Liò, and Y. Bengio, “Graph Attention Networks,” Feb. 04, 2018, arXiv: arXiv:1710.10903. doi: 10.48550/arXiv.1710.10903.
[65] Y. Li, D. Tarlow, M. Brockschmidt, and R. Zemel, “Gated Graph Sequence Neural Networks,” Sep. 22, 2017, arXiv: arXiv:1511.05493. doi: 10.48550/arXiv.1511.05493.
[66] O. Vinyals, S. Bengio, and M. Kudlur, “Order Matters: Sequence to sequence for sets,” Feb. 23, 2016, arXiv: arXiv:1511.06391. doi: 10.48550/arXiv.1511.06391.
[67] “GitHub - androguard/androguard: Reverse engineering and pentesting for Android applications.” Accessed: Mar. 12, 2024. [Online]. Available: https://github.com/androguard/androguard
[68] Guo Yan-hui, Wang Dong, Wang Xiao-Xuan, Wang Liu, and Xu Guo-Sheng, “A Generic Explaining & Locating Method for Malware Detection based on Graph Neural Networks,” Journal of Software, vol. 35, no. 8, pp. 0–0.
[69] S. Mahdavifar, A. F. Abdul Kadir, R. Fatemi, D. Alhadidi, and A. A. Ghorbani, “Dynamic Android Malware Category Classification using Semi-Supervised Deep Learning,” in 2020 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech), Aug. 2020, pp. 515–522. doi: 10.1109/DASC-PICom-CBDCom-CyberSciTech49142.2020.00094.
[70] S. Mahdavifar, D. Alhadidi, and A. Ghorbani, “Effective and Efficient Hybrid Android Malware Classification Using Pseudo-Label Stacked Auto-Encoder,” Journal of Network and Systems Management, vol. 30, Jan. 2022, doi: 10.1007/s10922-021-09634-4.
[71] K. Allix, T. F. Bissyandé, J. Klein, and Y. Le Traon, “AndroZoo: Collecting Millions of Android Apps for the Research Community,” in Proceedings of the 13th International Conference on Mining Software Repositories, in MSR ’16. New York, NY, USA: ACM, 2016, pp. 468–471. doi: 10.1145/2901739.2903508.
[72] A. lin, “【Python學習筆記】常見的二元分類評估指標 — 混淆矩陣、ROC 曲線,” Medium. Accessed: Jun. 27, 2024. [Online]. Available: https://medium.com/@SCU.Datascientist/python%E5%AD%B8%E7%BF%92%E7%AD%86%E8%A8%98-%E5%B8%B8%E8%A6%8B%E7%9A%84%E4%BA%8C%E5%85%83%E5%88%86%E9%A1%9E%E8%A9%95%E4%BC%B0%E6%8C%87%E6%A8%99-%E6%B7%B7%E6%B7%86%E7%9F%A9%E9%99%A3-roc-%E6%9B%B2%E7%B7%9A-f214ecd84dab
[73] B. Pan, pxb1988/dex2jar. (Jun. 26, 2024). Java. Accessed: Jun. 27, 2024. [Online]. Available: https://github.com/pxb1988/dex2jar
[74] “Java Decompiler.” Accessed: Jul. 02, 2024. [Online]. Available: https://java-decompiler.github.io/
[75] “VirusTotal - Home.” Accessed: Jun. 27, 2024. [Online]. Available: https://www.virustotal.com/gui/home/upload
[76] R. Tarjan, “Depth-first search and linear graph algorithms,” in 12th Annual Symposium on Switching and Automata Theory (swat 1971), Oct. 1971, pp. 114–121. doi: 10.1109/SWAT.1971.10.
[77] V. K. V and J. C. D, “Android Malware Detection using Function Call Graph with Graph Convolutional Networks,” in 2021 2nd International Conference on Secure Cyber Computing and Communications (ICSCCC), May 2021, pp. 279–287. doi: 10.1109/ICSCCC51823.2021.9478141.

指導教授

陳奕明(Yi-Ming Chen)

審核日期

2024-7-30

推文