问题描述
我试图开发能够检测恶意应用程序的使用支持向量机(SVM)Android平台的应用程序。我可以从logcat的和strace的工具很多系统信息,但我现在不如何管理检测到真正的恶意应用程序。有谁知道如何stablish /记录的正常行为,使用该设备的使用这些工具,我的意思是,从设备上获取信息并设置一个行为模式。
I'm trying to develop an application capable to detect malicious application for Android platform using Support Vector Machines (SVM).I can get many system information from "logcat" and "strace" tools but I don't now how to manage to detect real malicious applications.Does anyone know how to stablish/record normal behavior use of the device using those tools, I mean, get information from the device and set a behaviour pattern.
最好的问候
推荐答案
您将永远有麻烦确定恶意应用程序行为:的
You will always have trouble determining malicious application behavior: Kymie M.C. Tan, Roy A. Maxion, ""Why 6?" Defining the Operational Limits of Stide, an Anomaly-Based Intrusion Detector," sp, pp.188, 2002 IEEE Symposium on Security and Privacy, 2002
但如果你真的想尝试,也许出发点是在这里:入侵检测使用的系统调用序列。 S. Hofmeyr,S福雷斯特和计算机安全卷A. Somayaji杂志。 6,第151-180(1998)
But if you really want to try, perhaps the starting point is here: "Intrusion Detection Using Sequences of System Calls." S. Hofmeyr, S. Forrest, and A. Somayaji Journal of Computer Security Vol. 6, pp. 151-180 (1998)
这篇关于检测的Android恶意软件利用支持向量机(SVM)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!