Patent attributes
This invention comes up with a kind of Android malicious code detection method on the base of community structure analysis. During the reverse analysis process of target program, firstly, it obtains critical static feature information automatically, such as permission, function, class, system API, etc.; secondly, it uses the call relation between functions to create function call graph, and undertakes pretreatment on function call graph; make cycle division and analysis for the weighted function call graph so as to get the correction division of community structure; finally, it extract features from community structures for machine learning and get the final maliciousness determination result. This invention method is able to undertake program internal structure analysis and malicious code detection rapidly when facing a large number of Android application program samples generated by “repackaging” technology.
