請用此 Handle URI 來引用此文件:
http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/90480
完整後設資料紀錄
DC 欄位 | 值 | 語言 |
---|---|---|
dc.contributor.advisor | 曹承礎 | zh_TW |
dc.contributor.advisor | Seng-Cho Chou | en |
dc.contributor.author | 蔡苑萍 | zh_TW |
dc.contributor.author | Yuan-Ping Tsai | en |
dc.date.accessioned | 2023-10-03T16:16:31Z | - |
dc.date.available | 2023-11-10 | - |
dc.date.copyright | 2023-10-03 | - |
dc.date.issued | 2023 | - |
dc.date.submitted | 2023-07-12 | - |
dc.identifier.citation | R. Achanta, A. Shaji, K. Smith, A. Lucchi, P. Fua, and S. Süsstrunk. Slic superpixels compared to state-of-the-art superpixel methods. IEEE Transactions on Pattern Analysis and Machine Intelligence, 34(11):2274–2282, 2012.
S. Akarsh, P. Poornachandran, V. K. Menon, and K. P. Soman. A Detailed Investigation and Analysis of Deep Learning Architectures and Visualization Techniques for Malware Family Identification, pages 241–286. Springer International Publish- ing, Cham, 2019. D. Arp, M. Spreitzenbarth, M. Hubner, H. Gascon, K. Rieck, and C. Siemens. Drebin: Effective and explainable detection of android malware in your pocket. In Ndss, volume 14, pages 23–26, 2014. M. J. Awan, O. A. Masood, M. A. Mohammed, A. Yasin, A. M. Zain, R. Damaše- vičius, and K. H. Abdulkareem. Image-based malware classification using vgg19 network and spatial convolutional attention. Electronics, 10(19), 2021. C. Cai and Y. Wang. A simple yet effective baseline for non-attribute graph classification. CoRR, abs/1811.03508, 2018. G. Chhablani, A. Sharma, H. Pandey, and T. Dash. Superpixel-based knowledge infusion in deep neural networks for image classification. In Proceedings of the 2022 ACM Southeast Conference, ACM SE ’22, page 243–247, New York, NY, USA, 2022. Association for Computing Machinery. A. Desnos and G. Gueguen. Android: From reversing to decompilation. Proc. of Black Hat Abu Dhabi, 01 2011. Y. Dong, Q. Liu, B. Du, and L. Zhang. Weighted feature fusion of convolutional neural network and graph attention network for hyperspectral image classification. IEEE Transactions on Image Processing, 31:1559–1572, 2022. W. El-Shafai, I. Almomani, and A. AlKhayer. Visualized malware multi- classification framework using fine-tuned cnn-based transfer learning models. Applied Sciences, 11(14), 2021. F. Errica, M. Podda, D. Bacciu, and A. Micheli. A fair comparison of graph neural networks for graph classification. CoRR, abs/1912.09893, 2019. S. Freitas, Y. Dong, J. Neil, and D. H. Chau. A large-scale database for graph representation learning. CoRR, abs/2011.07682, 2020. S. Freitas, R. Duggal, and D. H. Chau. Malnet: A large-scale image database of malicious software. In Proceedings of the 31st ACM International Conference on Information amp; Knowledge Management, CIKM ’22, page 3948–3952, New York, NY, USA, 2022. Association for Computing Machinery. S. Freitas, R. Duggal, Y. Dong, J. Neil, and C. Duen Horng. MalNet. https://mal-net.org/. H. Gao, S. Cheng, and W. Zhang. Gdroid: Android malware detection and classification with graph convolutional network. Computers & Security, 106:102264, 2021. W. L. Hamilton, R. Ying, and J. Leskovec. Inductive representation learning on large graphs. CoRR, abs/1706.02216, 2017. Y. Hei, R. Yang, H. Peng, L. Wang, X. Xu, J. Liu, H. Liu, J. Xu, and L. Sun. Hawk: Rapid android malware detection through heterogeneous graph attention networks. IEEE Transactions on Neural Networks and Learning Systems, pages 1–15, 2021. D. Hendrycks, N. Mu, E. D. Cubuk, B. Zoph, J. Gilmer, and B. Lakshminarayanan. Augmix: A simple data processing method to improve robustness and uncertainty, 2020. M. Hurier, G. Suarez-Tangil, S. K. Dash, T. F. Bissyandé, Y. Le Traon, J. Klein, and L. Cavallaro. Euphony: Harmonious unification of cacophonous anti-virus vendor labels for android malware. In 2017 IEEE/ACM 14th International Conference on Mining Software Repositories (MSR), pages 425–435, 2017. K. T. Johnson, J.M. Survey on deep learning with class imbalance., 2019. Z. X. . K. R. Khan, R.U. Analysis of resnet and googlenet models for malware detection. In J Comput Virol Hack Tech, page 29–37, 2019. T. N. Kipf and M. Welling. Semi-supervised classification with graph convolutional networks. In International Conference on Learning Representations, 2017. W. W. Lo, S. Layeghy, M. Sarhan, M. Gallagher, and M. Portmann. Graph neural network-based android malware classification with jumping knowledge. In 2022 IEEE Conference on Dependable and Secure Computing (DSC), pages 1–9, 2022. W. W. Lo, X. Yang, and Y. Wang. An xception convolutional neural network for malware classification with transfer learning. In 2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS), pages 1–5, 2019. N. McLaughlin, J. Martinez del Rincon, B. Kang, S. Yerima, P. Miller, S. Sezer, Y. Safaei, E. Trickel, Z. Zhao, A. Doupé, and G. Joon Ahn. Deep android malware detection. In Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy, CODASPY ’17, page 301–308, New York, NY, USA, 2017. Association for Computing Machinery. E. Rezende, G. Ruppert, T. Carvalho, F. Ramos, and P. de Geus. Malicious software classification using transfer learning of resnet-50 deep neural network. In 2017 16th IEEE International Conference on Machine Learning and Applications (ICMLA), pages 1011–1014, 2017. B. Rozemberczki and R. Sarkar. Characteristic functions on graphs: Birds of a feather, from statistical descriptors to parametric models. In Proceedings of the 29th ACM International Conference on Information amp; Knowledge Management, CIKM ’20, page 1325–1334, New York, NY, USA, 2020. Association for Computing Machinery. R. Taheri, M. Ghahramani, R. Javidan, M. Shojafar, Z. Pooranian, and M. Conti. Similarity-based android malware detection using hamming distance of static binary features. Future Generation Computer Systems, 105:230–247, 2020. A. Tsitsulin, M. Munkhoeva, and B. Perozzi. Just slaq when you approximate: Accurate spectral distances for web-scale graphs. In Proceedings of The Web Conference 2020, WWW ’20, page 2697–2703, New York, NY, USA, 2020. Association for Computing Machinery. D. Vasan, M. Alazab, S. Wassan, B. Safaei, and Q. Zheng. Image-based malware classification using ensemble of cnn architectures (imcec). Computers Security, 92:101748, 2020. R. Vinayakumar, K. P. Soman, and P. Poornachandran. Deep android malware detection and classification. In 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI), pages 1677–1683, 2017. W. Wang, Y. Li, X. Wang, J. Liu, and X. Zhang. Detecting android malicious apps and categorizing benign apps with ensemble of classifiers. Future Generation Computer Systems, 78:987–994, 2018. M. Woźniak, J. Siłka, M. Wieczorek, and M. Alrashoud. Recurrent neural network model for iot and networking malware threat detection. IEEE Transactions on Industrial Informatics, 17(8):5583–5594, 2021. K. Xu, W. Hu, J. Leskovec, and S. Jegelka. How powerful are graph neural networks? In International Conference on Learning Representations, 2019. K. Xu, C. Li, Y. Tian, T. Sonobe, K. Kawarabayashi, and S. Jegelka. Representation learning on graphs with jumping knowledge networks. CoRR, abs/1806.03536, 2018. Y. Yang, X. Du, Z. Yang, and X. Liu. Android malware detection based on structural features of the function call graph. Electronics, 10(2):186, 2021. S. Y. Yerima, S. Sezer, G. McWilliams, and I. Muttik. A new android malware detection approach using bayesian classification. In 2013 IEEE 27th International Conference on Advanced Information Networking and Applications (AINA), pages 121–128, 2013. | - |
dc.identifier.uri | http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/90480 | - |
dc.description.abstract | 在現今行動作業系統市場上,Android是目前用戶人數最多的,由於開放且自由的開發環境,任何開發者皆能夠在Android平台上自行開發APK檔,然而,這樣的開放性及自由性也產生巨大的資訊安全風險,許多有心人士基於各種原因將惡意程式潛藏於APK檔中,這樣的惡意程式攻擊造成許多危害,因此,能夠精準且有效率的偵測及分類惡意程式的方法,在資訊安全領域研究上顯得極為重要。
本研究欲提出一能夠精準且有效率的去偵測及分類惡意程式的方法,能夠找到惡意程式與正常程式之間潛藏的關係,並且透過這樣的關係去學習惡意程式的行為模式,最終能夠正確識別及分類惡意程式。 本研究預計使用基於卷積神經網絡架構及基於圖神經網絡架構的混合模型來訓練惡意程式資料,並使用一公開大規模惡意軟體資料集 — MalNet-image tiny進行實驗,針對資料集中的圖像資料格式、多種的惡意程式類型及混合模型使用上,去設計多種可實驗的場景。最終在評估模型及實驗結果方面,在結果表現方面預計與過往相關的研究以及基準實驗結果進行比較。 | zh_TW |
dc.description.abstract | In today's mobile operating system market, Android has the largest user base. Due to its open and flexible development environment, any developer can develop APK files on the Android platform. However, such openness and flexibility also pose significant information security risks. Malware can be hidden within APK files for various reasons, resulting in various harms. Therefore, it is crucial to have accurate and efficient methods for detecting and classifying malware in the field of information security research.
This study aims to propose a precise and efficient method for detecting and classifying malware by uncovering the hidden relationships between malware and benign. Through these relationships, the study seeks to learn the behavioral patterns of malware and ultimately achieve accurate identification and classification. This study aims to employ a hybrid model based on convolutional neural network (CNN) and graph neural network (GNN) architectures to train on malware data. The experiment will be conducted using a publicly available large-scale dataset called MalNet, which encompasses a diverse range of malware. The dataset includes various image data formats and covers multiple types of malware, allowing for the design of multiple experimental scenarios incorporating the hybrid model. Finally, in terms of evaluating the models and experimental results, a comparison will be made with relevant previous studies and benchmark experiments. | en |
dc.description.provenance | Submitted by admin ntu (admin@lib.ntu.edu.tw) on 2023-10-03T16:16:31Z No. of bitstreams: 0 | en |
dc.description.provenance | Made available in DSpace on 2023-10-03T16:16:31Z (GMT). No. of bitstreams: 0 | en |
dc.description.tableofcontents | 致謝 i
摘要 ii Abstract iii 目錄 v 圖目錄 viii 表目錄 ix 第一章 緒論 1 1.1 研究背景與動機 1 1.2 論文架構 5 第二章 文獻探討 6 2.1 基於機器學習的 Android 惡意軟體研究 6 2.2 基於深度學習的 Android 惡意軟體分類 7 2.2.1 基於卷積神經網絡架構 8 2.2.2 基於遞迴神經網絡架構 9 2.2.3 基於圖神經網絡架構 10 2.3 基於 MalNet 資料集的基準實驗 11 2.3.1 圖像資料格式 11 2.3.2 圖資料格式 12 2.4 總結 13 第三章 研究方法 15 3.1 研究問題定義 15 3.2 研究模型 16 3.2.1 圖神經網絡模塊 18 3.2.1.1 超像素分割 18 3.2.1.2 建構邊 19 3.2.1.3 GraphSAGE 19 3.2.1.4 跳躍知識網絡 21 3.2.2 卷積神經網絡模塊 23 3.2.2.1 資料擴增 23 3.2.2.2 卷積層 26 3.2.2.3 池化層 27 3.2.3 模型混合及分類 28 第四章 實驗結果 30 4.1 資料集描述 30 4.1.1 MalNet 30 4.1.2 小型資料集(tiny) 33 4.2 實驗評估指標 35 4.3 實驗設置 36 4.4 實驗結果 37 4.4.1 實驗 1:Malnet-image tiny 分類 37 4.4.2 實驗 2:不同資料量範圍分類 38 4.4.3 實驗 3:惡意程式 v.s. 正常程式分類 39 4.4.4 實驗 4:模型有效性 40 第五章 結論 43 參考文獻 45 附錄 A — 類別數量統計 51 | - |
dc.language.iso | zh_TW | - |
dc.title | 基於混合神經網絡之惡意程式偵測與分類-以 Android 作業系統為例 | zh_TW |
dc.title | Android Malware Detection and Classification with Hybrid Deep Neural Network | en |
dc.type | Thesis | - |
dc.date.schoolyear | 111-2 | - |
dc.description.degree | 碩士 | - |
dc.contributor.oralexamcommittee | 陳建錦;林俊叡 | zh_TW |
dc.contributor.oralexamcommittee | Chien-Chin Chen;Raymund Lin | en |
dc.subject.keyword | Android 惡意軟體,圖神經網路,卷積神經網路,深度學習,惡意軟體識別,惡意軟體分類, | zh_TW |
dc.subject.keyword | Android malware,Graph neural network,Convolution neural network,Deep learning,Malware detection,Malware classification, | en |
dc.relation.page | 53 | - |
dc.identifier.doi | 10.6342/NTU202301416 | - |
dc.rights.note | 未授權 | - |
dc.date.accepted | 2023-07-13 | - |
dc.contributor.author-college | 管理學院 | - |
dc.contributor.author-dept | 資訊管理學系 | - |
顯示於系所單位: | 資訊管理學系 |
文件中的檔案:
檔案 | 大小 | 格式 | |
---|---|---|---|
ntu-111-2.pdf 目前未授權公開取用 | 2.76 MB | Adobe PDF |
系統中的文件,除了特別指名其著作權條款之外,均受到著作權保護,並且保留所有的權利。