Computer Engineering and Applications, 2021, Vol. 57, Issue (3): 130-136. DOI: 10.3778/j.issn.1002-8331.2001-0291

• Network, Communication and Security •

Application of Improved Random Forest in Android Malware Detection

熊健,覃仁超,何梦乙,刘建兰,唐风扬   

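  1. School of Computer Science and Technology, Southwest University of Science and Technology, Mianyang, Sichuan 621000
  • Publication date: 2021-02-01 Release date: 2021-01-29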

Application of Improved Random Forest Algorithm in Android Malware Detection

XIONG Jian, QIN Renchao, HE Mengyi, LIU Jianlan, TANG Fengyang   

  1. School of Computer Science and Technology, Southwest University of Science and Technology, Mianyang, Sichuan 621000, China
  • Online:2021-02-01 Published:2021-01-29

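Abstract (translated from the Chinese):

To address the problem of Android malware detection, a static detection model for Android malware is proposed that uses multiple features and is based on an improved random forest algorithm. The model adopts behavior-based static detection technology and selects as attribute features an Android application's permissions, its four major components, API calls, and key program information such as dynamic code, reflection code, native code, password code and the application database. The feature attributes are optimized and selected, and the corresponding set of feature vectors is generated. Finally, the random forest algorithm is improved and applied to Android application detection in this model. The experiment selected 6,000 normal samples and 6,000 malicious samples for classification, and the results show that the method has a relatively good detection effect.

Key words (translated from the Chinese): Android, classification, random forest, weighted voting, static feature extraction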

Abstract:

To address the problem of Android malware detection, a static detection model for Android malware is proposed that uses multiple features and is based on an improved random forest algorithm. Multiple attribute features of an Android application are selected using static detection technology, including permissions, intents, API calls and key information such as dynamic code, reflection code, native code, password code and the database. The Information Gain (IG) algorithm is used to optimize the selection of feature attributes, and the corresponding feature vector set is then generated. The random forest algorithm is improved and applied to Android application detection in this model. The experiment selects 6,000 normal samples and 6,000 malicious samples for classification, and the results show that the method has a better detection effect.

Key words: Android, classification, random forest, weighted voting, static feature extraction
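
The Information Gain selection step named in the abstract, as an added example (not code from the paper): it ranks binary static features by IG against the malicious/normal label and builds the feature vectors. The sample apps, the `perm:`/`code:` feature naming and the top-k cut-off are assumptions made for illustration.

```python
import math

# Constructed toy data (not from the paper): each app is a set of static
# features plus a label, 1 = malicious, 0 = normal.
SAMPLES = [
    ({"perm:SEND_SMS", "perm:INTERNET", "code:reflection"}, 1),
    ({"perm:SEND_SMS", "perm:INTERNET", "code:dynamic"}, 1),
    ({"perm:SEND_SMS", "perm:INTERNET", "code:native"}, 1),
    ({"perm:READ_CONTACTS", "perm:INTERNET", "code:reflection"}, 1),
    ({"perm:INTERNET", "code:native"}, 0),
    ({"perm:INTERNET", "perm:CAMERA"}, 0),
    ({"perm:INTERNET", "code:reflection"}, 0),
    ({"perm:CAMERA", "perm:INTERNET"}, 0),
]

def entropy(labels):
    """Shannon entropy (bits) of a list of class labels."""
    n = len(labels)
    if n == 0:
        return 0.0
    h = 0.0
    for c in set(labels):
        p = labels.count(c) / n
        h -= p * math.log2(p)
    return h

def information_gain(samples, feature):
    """IG(label; feature) for a binary present/absent feature."""
    labels = [y for _, y in samples]
    present = [y for feats, y in samples if feature in feats]
    absent = [y for feats, y in samples if feature not in feats]
    n = len(samples)
    conditional = (len(present) / n) * entropy(present) \
        + (len(absent) / n) * entropy(absent)
    return entropy(labels) - conditional

def select_features(samples, k):
    """Return the k features with the highest IG (ties broken by name)."""
    vocab = sorted(set().union(*(feats for feats, _ in samples)))
    ranked = sorted(vocab, key=lambda f: (-information_gain(samples, f), f))
    return ranked[:k]

def to_vectors(samples, selected):
    """Encode each app as a 0/1 vector over the selected features."""
    return [[int(f in feats) for f in selected] for feats, _ in samples]
```

A feature present in every app, such as `perm:INTERNET` here, scores an IG of zero and is dropped, which is why selection comes before building the vectors a classifier is trained on.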