基于多模态特征融合的Android恶意程序检测方法研究
Research on Android malware detection method based on multimodal feature fusion
葛继科 1何明坤 1陈祖琴 1凌劲 1张一帆1
作者信息
- 1. 重庆科技大学计算机科学与工程学院,重庆 401331
- 折叠
摘要
现有Android恶意程序检测方法主要使用单模态数据来表征程序特征,未能将不同的特征信息进行充分挖掘和融合,导致检测效果不够理想.为了提升检测的准确率和鲁棒性,提出一种基于多模态特征融合的Android恶意程序检测方法.首先对权限信息进行编码处理并将Dalvik字节码数据可视化为"矢量"RGB图像,然后构建前馈神经网络和卷积神经网络分别对文本和图像模态表征的数据进行特征提取,最后对提取的不同模态特征向量分配不同的权重并相加进行融合后对其进行分类.实验结果表明,该方法对Android恶意程序的识别准确率和F1分数都达到了 98.66%,且具有良好的鲁棒性.
Abstract
Existing Android malware detection methods mainly use single-modal data to characterize program features,but fail to fully mine and fuse different feature information,resulting in unsatisfactory detection results.In order to improve the accuracy and robustness of detection,a method for detecting Android malware based on multimodal feature fusion is proposed.Firstly,the permission information is encoded and the Dalvik bytecode data is visualized as a"vector"RGB image.Then,a feedforward neu-ral network and a convolutional neural network are constructed to extract features from the data represented by text and image modalities,respectively.Finally,different weights are assigned to the extracted feature vectors of different modalities,which are added and fused before classification.Experimental results show that the recognition accuracy and F1 score of this method for Android malware both reach 98.66%,and it has good robustness.
关键词
Android/恶意程序/多模态/前馈神经网络/卷积神经网络Key words
Android/malware/multimodality/feedforward neural network/convolutional neural network引用本文复制引用
出版年
2025
NETL
NSTL
万方数据