| With the rapid development of Io T devices,malware attacks targeting Io T devices pose a serious threat to users,and the advent of edge computing has paved the way for more efficient data processing.Inspired by the emerging edge computing model,this thesis considers the malware detection to be divided into two parts,which are performed on the user side and the edge side respectively.In this process,considering that user resources are limited and malware detection tasks have real-time requirements,how to efficiently and real-time detect malware in user device and prevent user privacy from being threatened has broad application prospects.The main work of this thesis is as follows:(1)Considering that the malware features extracted by existing static analysis techniques are easily bypassed by various camouflage techniques,this thesis proposes a malware feature extraction based on sensitive subgraphs.First perform data preprocessing,build the static function call graph of the application and obtain all sensitive APIs and their sensitivity coefficients.Then,the static function call graph is divided into sensitive subgraphs,and the malicious degree of the sensitive subgraph is adaptively weighted as the characteristics of the malicious degree of the application,and the most suspicious malicious behavior in the application is analyzed.The experimental results show that the malware feature extraction based on sensitive subgraph is more effective than other benchmark methods,can effectively reduce the feature dimension,and has strong generalization ability,adapting to a variety of datasets and neural network models.(2)On the basis of the previous work,this thesis proposes a malware detection method based on Distributed Deep Neural Network(DDNN)in view of the current communication cost delay problem and user privacy security problems in malware detection.First,a user-edge-based distributed deep neural network framework is constructed.The neural network is divided into two parts,which are deployed on user device and edge servers respectively.Then,a reputation-based edge server trust evaluation method is proposed,and users can screen trusted edge servers to upload intermediate features through trust evaluation.Finally,a malware detection model based on trusted DDNN is designed,and users and edges cooperate to complete malware detection.The experimental results show that the method can effectively reduce the communication cost and delay while detecting malware accurately and efficiently,and protect user privacy from threats. |
PDF Full Text Request