Malicious code detection method based on community structure analysis

Assignee

• Sichuan University · CN

Inventors

• Junfeng Wang · Chengdu, CN
• Xiaosong Zhang · Boise, US
• Yao Du · Shanghai, CN
• Jie Liang · 流花街道, CN
• Yong Ma · Hong Kong, CN

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06N20/00
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

This invention comes up with a kind of Android malicious code detection method on the base of community structure analysis. During the reverse analysis process of target program, firstly, it obtains critical static feature information automatically, such as permission, function, class, system API, etc.; secondly, it uses the call relation between functions to create function call graph, and undertakes pretreatment on function call graph; make cycle division and analysis for the weighted function call graph so as to get the correction division of community structure; finally, it extract features from community structures for machine learning and get the final maliciousness determination result. This invention method is able to undertake program internal structure analysis and malicious code detection rapidly when facing a large number of Android application program samples generated by “repackaging” technology.