References

[1] Yousra Aafer, Wenliang Du, and Heng Yin. “Droidapiminer: Mining Api-Level Features for Robust Malware Detection in Android”. In: International Conference on Security and Privacy in Communication Systems. Springer. 2013, pp. 86–103.

[2] Martin Abadi et al. “Control-flow Integrity Principles, Implementations, and Applications”. In: ACM Transactions on Information and System Security (TISSEC) 13.1 (2009), pp. 1–40.

[3] Y. Xin et al. “Machine Learning and Deep Learning Methods for Cybersecurity”. In: IEEE Access (2018).

[4] Android Emulator. Android.com, 2020. url: https://developer.android.com/studio/run/emulator.

[5] Steven Arzt et al. “Flowdroid: Precise Context, Flow, Field, Object-sensitive and Lifecycle-aware Taint Analysis for Android Apps”. In: ACM SIGPLAN Notices 49.6 (2014), pp. 259–269.

[6] Erick Bauman, Zhiqiang Lin, Kevin W Hamlen, et al. “Superset Disassembly: Statically Rewriting x86 Binaries Without Heuristics.” In: NDSS. 2018.

[7] Ulrich Bayer et al. “Scalable, behavior-based malware clustering.” In: NDSS. 2009.

[8] Christopher M Bishop. “Pattern Recognition”. In: Machine Learning 128.9 (2006).

[9] Ivan Blekanov and Vasilii Korelin. “Hierarchical clustering of large text datasets using Locality-Sensitive Hashing”. In: IWAIT Workshop. 2015.

[10] Jane Bromley et al. “Signature Verification Using a “Siamese” Time Delay Neural Network”. In: International Journal of Pattern Recognition and Artificial Intelligence 7.04 (1993), pp. 669–688.

[11] Haipeng Cai et al. “Droidcat: Effective Android Malware Detection and Categorization via App-level Profiling”. In: IEEE Transactions on Information Forensics and Security 14.6 (2018), pp. 1455–1470.

[12] Ligeng Chen, Zhongling He, and Bing Mao. “CATI: Context-Assisted Type Inference from Stripped Binaries”. In: 2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). IEEE. 2020, pp. 88–98.

[13] Qi Alfred Chen, Zhiyun Qian, and Z Morley Mao. “Peeking into Your App without Actually Seeing It: UI State Inference and Novel Android Attacks”. In: 23rd USENIX Security Symposium (USENIX Security 14). 2014, pp. 1037–1052.

[14] Yoon-Ho Choi et al. “Using Deep Learning to Solve Computer Security Challenges: A Survey”. In: Cybersecurity (2020).

[15] Mihai Christodorescu and Somesh Jha. “Testing Malware Detectors”. In: ACM SIGSOFT Software Engineering Notes 29.4 (2004), pp. 34–44.

[16] Zheng Leong Chua et al. “Neural Nets Can Learn Function Type Signatures from Binaries”. In: 26th USENIX Security Symposium (USENIX Security 17). 2017, pp. 99–116.

[17] Zhihua Cui et al. “Detection of Malicious Code Variants Based on Deep Learning”. In: IEEE Transactions on Industrial Informatics 14.7 (2018), pp. 3187–3196.

[18] Dahl et al. “Large-scale Malware Classification Using Random Projections and Neural Networks”. In: ICASSP, IEEE International Conference on Acoustics, Speech and Signal Processing - Proceedings (2013), pp. 3422–3426.

[19] Leonardo De La Rosa et al. “Efficient Characterization and Classification of Malware Using Deep Learning”. In: Proceedings - Resilience Week 2018, RWS 2018 (2018), pp. 77–83.

[20] Erik Derr. axplorer. 2017. url: https://github.com/reddr/axplorer.

[21] Steven HH Ding, Benjamin CM Fung, and Philippe Charland. “Asm2vec: Boosting Static Representation Robustness for Binary Clone Search Against Code Obfuscation and Compiler Optimization”. In: 2019 IEEE Symposium on Security and Privacy (SP). IEEE. 2019, pp. 472–489.

[22] dlgroupuoft. PScout. 2018. url: https://github.com/dlgroupuoft/PScout.

[23] Min Du et al. “Deeplog: Anomaly detection and diagnosis from system logs through deep learning”. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. 2017, pp. 1285–1298.

[24] Chris Eagle. The IDA pro book. No Starch Press, 2011.

[25] Daniel R Ellis et al. “A Behavioral Approach to Worm Detection”. In: Proceedings of the 2004 ACM workshop on Rapid malcode. 2004, pp. 43–53.

[26] William Enck et al. “Taintdroid: An Information-flow Tracking System for Realtime Privacy Monitoring on Smartphones”. In: ACM Transactions on Computer Systems (TOCS) 32.2 (2014), pp. 1–29.

[27] Feature (Machine Learning). Accessed: 2022-1-07. Wikipedia, Wikipedia Foundation. url: https://en.wikipedia.org/wiki/Feature_(machine_learning).

[28] Feature Vector. Accessed: 2022-01-10. url: https://brilliant.org/wiki/feature-vector/.

[29] Adrienne Porter Felt et al. “Android Permissions Demystified”. In: Proceedings of the 18th ACM conference on Computer and communications security. 2011, pp. 627–638.

[30] Adrienne Porter Felt et al. “Permission Re-Delegation: Attacks and Defenses.” In: USENIX Security Symposium. Vol. 30. 2011, p. 88.

[31] Qian Feng et al. “Scalable Graph-based Bug Search for Firmware Images”. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. 2016, pp. 480–491.

[32] GCC, the GNU Compiler Collection. Accessed: 2021-10-01. url: https://gcc.gnu.org.

[33] Liangyi Gong et al. “Experiences of Landing Machine Learning onto Market-scale Mobile Malware Detection”. In: Proceedings of the Fifteenth European Conference on Computer Systems. 2020, pp. 1–14.

[34] Liangyi Gong et al. “Systematically Landing Machine Learning onto Market-Scale Mobile Malware Detection”. In: IEEE Transactions on Parallel and Distributed Systems 32.7 (2020), pp. 1615–1628.

[35] Michael Grace et al. “Riskranker: Scalable and Accurate Zero-day Android Malware Detection”. In: Proceedings of the 10th international conference on Mobile systems, applications, and services. 2012, pp. 281–294.

[36] Wenbo Guo et al. “DEEPVSA: Facilitating Value-set Analysis with Deep Learning for Post-mortem Program Analysis”. In: 28th USENIX Security Symposium (USENIX Security 19). 2019, pp. 1787–1804.

[37] Michiel Hermans and Benjamin Schrauwen. “Training and analysing deep recurrent neural networks”. In: Advances in neural information processing systems 26 (2013), pp. 190–198.

[38] Hyungjoon Koo et al. “Semantic-aware Binary Code Representation with BERT”. In: arXiv preprint arXiv:2106.05478 (2021).

[39] Chris Lattner and Vikram Adve. “LLVM: A Compilation Framework for Lifelong Program Analysis & Transformation”. In: International Symposium on Code Generation and Optimization, 2004. CGO 2004. IEEE. 2004, pp. 75–86.

[40] Quoc Le and Tomas Mikolov. “Distributed Representations of Sentences and Documents”. In: International Conference on Machine Learning. PMLR. 2014, pp. 1188–1196.

[41] Yann LeCun, Yoshua Bengio, and Geoffrey Hinton. “Deep Learning”. In: Nature 521.7553 (2015), pp. 436–444.

[42] Young Jun Lee et al. “Learning Binary Code with Deep Learning to Detect Software Weakness”. In: KSII the 9th International Conference on Internet (ICONI) 2017 Symposium. 2017.

[43] Jure Leskovec, Anand Rajaraman, and Jeffrey David Ullman. Mining of Massive Datasets. 2nd. USA: Cambridge University Press, 2014. isbn: 1107077230.

[44] Xuezixiang Li, Qu Yu, and Heng Yin. “PalmTree: Learning an Assembly Language Model for Instruction Embedding”. In: arXiv preprint arXiv:2103.03809 (2021).

[45] Yujia Li et al. “Graph Matching Networks for Learning the Similarity of Graph Structured Objects”. In: International Conference on Machine Learning. PMLR. 2019, pp. 3835–3845.

[46] Bingchang Liu et al. “αdiff: Cross-version Binary Code Similarity Detection with Dnn”. In: Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering. 2018, pp. 667–678.

[47] Liu Liu et al. “Insider Threat Identification using The Simultaneous Neural Learning of Multi-source Logs”. In: IEEE Access 7 (2019), pp. 183162–183176.

[48] Liu Liu et al. “Unsupervised Insider Detection through Neural Feature Learning and Model Optimisation”. In: International Conference on Network and System Security. Springer. 2019, pp. 18–36.

[49] Aravind Machiry et al. “Using Loops for Malware Classification Resilient to Feature-unaware Perturbations”. In: ACM International Conference Proceeding Series. Association for Computing Machinery, Dec. 2018, pp. 112–123.

[50] Mark McDermott. “Presentation: The ARM Instruction Set Architecture”. In: (2008). url: http://users.ece.utexas.edu/~valvano/EE345M/Arm_EE382N_4.pdf.

[51] John H. McDonald. Spearman Rank Correlation. 2019. url: http://www.biostathandbook.com/spearman.html.

[52] Niall McLaughlin et al. “Deep Android Malware Detection”. In: Proceedings of the 7th ACM Conference on Data and Application Security and Privacy (2017), pp. 301–308.

[53] Mining of massive datasets. url: http://www.mmds.org/.

[54] Robert Monarch. Human-in-the-Loop Machine Learning. Manning Publications Corp., 2021.

[55] Akira Mori et al. “A Tool for Analyzing and Detecting Malicious Mobile Code”. In: ICSE. Vol. 2006. May 2006, pp. 831–834.

[56] Nour Moustafa and Jill Slay. “UNSW-NB15: A Comprehensive Data Set for Network Intrusion Detection Systems (UNSW-NB15 Network Data Set)”. In: 2015 Military Communications and Information Systems Conference (MilCIS). IEEE. 2015, pp. 1–6.

[57] Robin Nix and Jian Zhang. “Classification of Android Apps and Malware Using Deep Neural Networks”. In: Proceedings of the International Joint Conference on Neural Networks 2017-May (2017), pp. 1871–1878.

[58] Jannik Pewny et al. “Leveraging Semantic Signatures for Bug Search in Binary Programs”. In: Proceedings of the 30th Annual Computer Security Applications Conference. 2014, pp. 406–415.

[59] Anh Viet Phan, Minh Le Nguyen, and Lam Thu Bui. “Convolutional Neural Networks Over Control Flow Graphs for Software Defect Prediction”. In: 2017 IEEE 29th International Conference on Tools with Artificial Intelligence (ICTAI). IEEE. 2017, pp. 45–52.

[60] Yuval Pinter, Robert Guthrie, and Jacob Eisenstein. “Mimicking Word Embeddings using Subword RNNs”. In: arXiv preprint arXiv:1707.06961 (2017).

[61] Samira Pouyanfar et al. “A Survey on Deep Learning: Algorithms, Techniques, and Applications”. In: ACM Computing Surveys (CSUR) 51.5 (2018), pp. 1–36.

[62] Edward Raff et al. “Malware Detection by Eating a Whole exe”. In: Workshops at the Thirty-Second AAAI Conference on Artificial Intelligence. 2018.

[63] Random Forest. Accessed: 2022-1-11. url: https://en.wikipedia.org/wiki/Random_forest.

[64] Suhita Ray. “Disease Classification within Dermascopic Images using Features Extracted by Resnet50 and Classification through Deep Forest”. In: arXiv preprint arXiv:1807.05711 (2018).

[65] Scikit-learn. INRIA, 2010. url: https://scikit-learn.org/stable/index.html.

[66] sendTextMessage. Accessed: 2022-1-26. url: https://developer.android.com/reference/android/telephony/SmsManager#sendTextMessage(java.lang.String,%5C%20java.lang.String,%5C%20java.lang.String,%5C%20android.app.PendingIntent,%5C%20android.app.PendingIntent,%5C%20long).

[67] Eui Chul Richard Shin, Dawn Song, and Reza Moazzezi. “Recognizing Functions in Binaries with Neural Networks”. In: 24th USENIX Security Symposium (USENIX Security 15). 2015, pp. 611–626.

[68] Sophisticated new Android Malware Marks the Latest Evolution of Mobile Ransomware. microsoft.com, 2020. url: https://www.microsoft.com/security/blog/2020/10/08/sophisticated-new-android-malware-marks-the-latest-evolution-of-mobile-ransomware/.

[69] Stamina Scalable Deep Learning Whitepaper. Accessed: 2021-09-30. url: https://www.intel.com/content/dam/www/public/us/en/ai/documents/stamina-scalable-deep-learning-whitepaper.pdf.

[70] Andrew Sung et al. “Static Analyzer of Vicious Executables (SAVE)”. In: ACSAC. 2005.

[71] The DWARF Debugging Standard. DWARF Standards Committee, 2012. url: https://dwarfstd.org.

[72] Tobiyama et al. “Malware Detection with Deep Neural Network Using Process Behavior”. In: International Computer Software and Applications Conference 2 (2016), pp. 577–582. issn: 07303157.

[73] Ubuntu Software Packages. Accessed: 2021-09-30. url: https://packages.ubuntu.com/bionic/.

[74] UI/Application Exerciser Monkey in Android Studio. Android.com, 2008. url: https://developer.android.com/studio/test/monkey.html.

[75] Ashish Vaswani et al. “Attention Is All You Need”. In: Advances in Neural Information Processing Systems. 2017, pp. 5998–6008.

[76] Virusshare. Accessed: 2021-09-30. url: https://virusshare.com/.

[77] VirusTotal. Accessed: 2019-09-30. url: https://www.virustotal.com/.

[78] Zhilong Wang et al. “Identifying Non-Control Security-Critical Data in Program Binaries with a Deep Neural Model”. In: arXiv preprint arXiv:2108.12071 (2021).

[79] Zhilong Wang et al. “Spotting Silent Buffer Overflows in Execution Trace through Graph Neural Network Assisted Data Flow Analysis”. In: arXiv preprint arXiv:2102.10452 (2021).

[80] What Is A Malware File Signature (And How Does It Work)? Accessed: 2021-09-30. url: https://www.sentinelone.com/blog/what-is-a-malware-file-signature-and-how-does-it-work/.

[81] Wikipedia. Locality-sensitive hashing — Wikipedia, The Free Encyclopedia. url: http://en.wikipedia.org/w/index.php?title=Locality-sensitive%20hashing&oldid=1062941845.

[82] Michelle Y Wong and David Lie. “IntelliDroid: A Targeted Input Generator for the Dynamic Analysis of Android Malware.” In: NDSS. 2016.

[83] Dong-Jie Wu et al. “Droidmat: Android Malware Detection through Manifest and Api Calls Tracing”. In: 2012 Seventh Asia Joint Conference on Information Security. IEEE. 2012, pp. 62–69.

[84] Wen-Chieh Wu and Shih-Hao Hung. “DroidDolphin: A Dynamic Android Malware Detection Framework using Big Data and Machine Learning”. In: Proceedings of the 2014 Conference on Research in Adaptive and Convergent Systems. 2014, pp. 247–252.

[85] XposedBridge. Rovo89, 2016. url: https://github.com/rovo89/Xposed%20Bridge/wiki/Development-tutorial.

[86] Lifan Xu et al. “Hadm: Hybrid Analysis for Detection of Malware”. In: Proceedings of SAI Intelligent Systems Conference. Springer. 2016, pp. 702–724.

[87] Wei Xu et al. “Largescale System Problem Detection by Mining Console Logs”. In: Proceedings of SOSP’09 (2009).

[88] Xiaojun Xu et al. “Neural Network-based Graph Embedding for Cross-platform Binary Code Similarity Detection”. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. 2017, pp. 363–376.

[89] Ruipeng Yang et al. “NLSALog: An anomaly detection framework for log sequence in security management”. In: IEEE Access 7 (2019), pp. 181152–181164.

[90] Tianda Yang et al. “Automated Detection and Analysis for Android Ransomware”. In: IEEE 7th International Symposium on Cyberspace Safety and Security. 2015.

[91] Donggeun Yoo and In So Kweon. “Learning Loss for Active Learning”. In: Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition. 2019, pp. 93–102.

[92] Ilsun You and Kangbin Yim. “Malware Obfuscation Techniques: A Brief Survey”. In: 2010 International conference on broadband, wireless computing, communication and applications. IEEE. 2010, pp. 297–300.

[93] Lun-Pin Yuan, Peng Liu, and Sencun Zhu. “Recomposition vs. Prediction: A Novel Anomaly Detection for Discrete Events Based On Autoencoder”. In: arXiv preprint arXiv:2012.13972 (2020).

[94] Muhan Zhang et al. “An End-to-end Deep Learning Architecture for Graph Classification”. In: Thirty-Second AAAI Conference on Artificial Intelligence. 2018.

[95] Yajin Zhou and Xuxian Jiang. “Dissecting Android Malware: Characterization and Evolution”. In: 2012 IEEE Symposium on Security and Privacy. IEEE. 2012, pp. 95–109.

[96] Yajin Zhou et al. “Hey, You, Get off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets.” In: NDSS. 2012.

[97] Qingtian Zou et al. “Deep Learning for Detecting Network Attacks: An End-to-end Approach”. In: IFIP Annual Conference on Data and Applications Security and Privacy. Springer. 2021, pp. 221–234.
