請用此 Handle URI 來引用此文件:
http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/7772
完整後設資料紀錄
DC 欄位 | 值 | 語言 |
---|---|---|
dc.contributor.advisor | 廖世偉(Shih-wei Liao) | |
dc.contributor.author | Zhi-Feng Feng | en |
dc.contributor.author | 馮志峰 | zh_TW |
dc.date.accessioned | 2021-05-19T17:53:02Z | - |
dc.date.available | 2027-07-11 | |
dc.date.available | 2021-05-19T17:53:02Z | - |
dc.date.copyright | 2017-07-17 | |
dc.date.issued | 2017 | |
dc.date.submitted | 2017-07-12 | |
dc.identifier.citation | [1] VirusShare. Apk data set,2016. https://virusshare.com/.
[2] Google. Android Permission introduce,2017. https://developer.android.com/guide/topics/permissions/index.html. [3] Chih-Chung Chang and Chih-Jen Lin. LIBSVM -- A Library for Support Vector Machines,2017. https://www.csie.ntu.edu.tw/~cjlin/libsvm/. [4] Geoff Gordon.Support Vector Machine and Kernel Methods,2004. https://www.cs.cmu.edu/~ggordon/SVMs/new-svms-and-kernels.pdf. [5] ashishb,android-malware-samples,2016, https://github.com/ashishb/android-malware. [6] Dong-Jie Wu ; Ching-Hao Mao ;Te-En Wei ;Hahn-Ming Lee and Kuo-Ping Wu: Android Malware Detection through Manifest and API Calls Tracing, 2012 [7] Takamasa Isohara ; Keisuke Takemori ; Ayumu Kubota: Kernel-based Behavior Analysis for Android Malware Detection, 10.1109/CIS.2011.226,2012a. [8] Asaf ShabtaiEmail author Uri Kanonov Yuval Elovici Chanan Glezer and Yael Weiss:“Andromaly”: a behavioral malware detection framework for android devices,10.1007/s10844-010-0148-x,2011b [9] Hsuan-Tien Lin and Ling Li:Support Vector Machinery for Infinite Ensemble Learning, Journal of Machine Learning Research 9 (2008) 285-312,2008 | |
dc.identifier.uri | http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/7772 | - |
dc.description.abstract | Android作為當今最流行的作業系統,已經被世界上成千上萬的使用者所使用,但是正是基於Andoird天生開源的特性,讓很多開發者在開發app的過程中,可以利用系統或者是手機自身的許可權申請以及目前市面上還不健全的應用商店審核機制,開發惡意軟體從而危害到使用者的手機內的個人資料和隱私。在此篇論文中,我們提供了一種能夠檢測惡意軟體的機制,通過提取Android APK的許可權申請作為特徵點,通過已經使用大量資料訓練完的svm模型對這個軟體做判斷,再和已經訓練完的深度學習模型進行集成學習從而完成檢測的目的,在完成檢測目的之後,我們會使用我們開發的Android Dynamic Framework來hook掉潛在的惡意軟體中的Main-Activity中的onCreate的方法,從而完成阻擋app的作用。 | zh_TW |
dc.description.abstract | Android as the most popular operating system, has been the world's tens of thousands of users to use, but it is based on Andoird natural open source features, so many developers in the process of developing app, you can use the system or mobile phone Its own license application and the current market is not perfect application store review mechanism, the development of malicious software to harm the user's mobile phone personal data and privacy. In this paper, we provide a mechanism to detect malware, by extracting the Android APK permission application as a feature point, through the use of a large number of data training svm model to judge the software to complete the purpose of testing , After the completion of the detection purposes, we will use our development of the Android Dynamic Framework to hook off the potential malware in the MainActivity in the onCreate method to complete the role of blocking app. | en |
dc.description.provenance | Made available in DSpace on 2021-05-19T17:53:02Z (GMT). No. of bitstreams: 1 ntu-106-R04922146-1.pdf: 1344296 bytes, checksum: 371d41f113e82f84b9eb5498fd719a32 (MD5) Previous issue date: 2017 | en |
dc.description.tableofcontents | 致謝 1
摘要 2 Abstract 3 1 Introduction 6 2 Background 7 2.1 Android APK.......................7 2.2 Android 許可權限機制...............7 2.3 SVM...............................9 3 Problem Statement 13 3.1 選取特徵點........................13 3.2 提取特徵點........................17 3.3 Kernel function..................18 3.4 SVM參數(C&gamma).................19 3.5 Grid Search......................20 3.6 Ensemble Learning................22 4 Enviroment & Result 23 4.1 實驗數據來源......................23 4.2 平臺介紹..........................23 4.3 最優化參數選擇.....................23 4.4 評估方法..........................24 4.5 Ensemble Learning Result.........27 4.6 Demo.............................29 5 Android Dynamic Framework interception 31 5.1 Introduction.....................31 5.2 Hook time........................32 5.3 Interception process.............32 6 Issues & Future Works 34 6.1 Detection Issue & Future Work.................................34 6.2 ADF Interception Issue & Future Work.................................35 7 Conclusion 36 Bibliography 37 | |
dc.language.iso | zh-TW | |
dc.title | 基於機器學習&Android Dynamic Framework的惡意軟體檢測和攔截 | zh_TW |
dc.title | Android Malware application detection and intercepts based on SVM | en |
dc.type | Thesis | |
dc.date.schoolyear | 105-2 | |
dc.description.degree | 碩士 | |
dc.contributor.oralexamcommittee | 徐慰中(WC Hsu),蔡芸琤(Yun-Cheng Tsai),郁方(Fang Yu),蘇中才(A-Tsai Su) | |
dc.subject.keyword | 機器學習,Android Dynamic Framework,惡意軟體檢測,攔截, | zh_TW |
dc.subject.keyword | Machine Learning,ADF,Malware appd etection,interception, | en |
dc.relation.page | 37 | |
dc.identifier.doi | 10.6342/NTU201701446 | |
dc.rights.note | 同意授權(全球公開) | |
dc.date.accepted | 2017-07-13 | |
dc.contributor.author-college | 電機資訊學院 | zh_TW |
dc.contributor.author-dept | 資訊工程學研究所 | zh_TW |
dc.date.embargo-lift | 2027-07-11 | - |
顯示於系所單位: | 資訊工程學系 |
文件中的檔案:
檔案 | 大小 | 格式 | |
---|---|---|---|
ntu-106-1.pdf 此日期後於網路公開 2027-07-11 | 1.31 MB | Adobe PDF |
系統中的文件,除了特別指名其著作權條款之外,均受到著作權保護,並且保留所有的權利。