Computer Engineering and Applications ›› 2021, Vol. 57 ›› Issue (8): 84-90.DOI: 10.3778/j.issn.1002-8331.2003-0248

Previous Articles     Next Articles

Android Malicious Family Detection Algorithm Based on Local Optimization Matching

DU Yao   

  1. College of Computer Science and Technology, Southwest Minzu University, Chengdu 610000, China
  • Online:2021-04-15 Published:2021-04-23



  1. 西南民族大学 计算机科学与技术学院,成都 610000


In recent years, the rapid growth of Android malicious code has brought a heavy burden to mobile security research. It makes the research of malware identification and family evolution of large number of mobile applications an important work. Thus, a new malware identification and family classification method based on local structure optimization analysis is proposed. This method first extracts the function call graphs from the decompiled files of the applications. Then, an iterative matching algorithm based on node similarity is applied to construct malicious family features. Finally, the structural similarity between the applications and family features is calculated to detect malware and classify them into their families. Experimental results show that this method has better performance than the three previous studies and the Androguard tool.

Key words: malicious code, local structure optimization, family identification



关键词: 恶意代码, 局部结构优化, 家族识别