杨宏宇 等: 基于   API 聚类和调用图优化的安卓恶意软件检测                                               3225


                     012017]
                 [28]  Source code of APIGraph. https://github.com/seclab-fudan/APIGraph
                 [29]  Abdi H, Williams LJ. Principal component analysis. WIREs Computational Statistics, 2010, 2(4): 433–459. [doi: 10.1002/wics.101]
                 [30]  Schulz P. Code protection in Android. 2012. https://net.cs.uni-bonn.de/fileadmin/user_upload/plohmann/2012-Schulz-Code_Protection_
                     in_Android.pdf
                 [31]  Arzt S, Rasthofer S, Fritz C, Bodden E, Bartel A, Klein J, Le Traon Y, Octeau D, McDaniel P. FlowDroid: Precise context, flow, field,
                     object-sensitive  and  lifecycle-aware  taint  analysis  for  Android  Apps.  In:  Proc.  of  the  35th  ACM  SIGPLAN  Conf.  on  Programming
                     Language Design and Implementation. Edinburgh: ACM, 2014. 259–269. [doi: 10.1145/2594291.2594299]
                 [32]  Hearst MA, Dumais ST, Osuna E, Platt J, Scholkopf B. Support vector machines. IEEE Intelligent Systems and their Applications, 1998,
                     13(4): 18–28. [doi: 10.1109/5254.708428]
                 [33]  Breiman L. Random forests. Machine Learning, 2001, 45(1): 5–32. [doi: 10.1023/A:1010933404324]
                 [34]  Allix K, Bissyandé TF, Klein J, Le Traon Y. AndroZoo: Collecting millions of Android Apps for the research community. In: Proc. of the
                     13th Int’l Conf. on Mining Software Repositories. Austin: ACM, 2016. 468–471. [doi: 10.1145/2901739.2903508]
                 [35]  VirusTotal. https://www.virustotal.com/gui/home/upload
                 [36]  Wei FG, Li YP, Roy S, Ou XM, Zhou W. Deep ground truth analysis of current Android malware. In: Proc. of the 14th Int’l Conf. on
                     Detection of Intrusions and Malware, and Vulnerability Assessment. Bonn: Springer, 2017. 252–276. [doi: 10.1007/978-3-319-60876-
                     1_12]
                 [37]  Google Play Store. https://play.google.com/store
                 [38]  Suarez-Tangil G, Stringhini G. Eight years of rider measurement in the Android malware ecosystem. IEEE Trans. on Dependable and
                     Secure Computing, 2022, 19(1): 107–118. [doi: 10.1109/TDSC.2020.2982635]
                 [39]  Wu ZH, Pan SR, Chen FW, Long GD, Zhang CQ, Yu PS. A comprehensive survey on graph neural networks. IEEE Trans. on Neural
                     Networks and Learning Systems, 2021, 32(1): 4–24. [doi: 10.1109/TNNLS.2020.2978386]

                 附中文参考文献:
                 [1]  刘剑, 苏璞睿, 杨珉, 和亮, 张源, 朱雪阳, 林惠民. 软件与网络安全研究综述. 软件学报, 2018, 29(1): 42–68. http://www.jos.org.cn/1000-
                    9825/5320.htm [doi: 10.13328/j.cnki.jos.005320]


                             杨宏宇(1969－), 男, 博士, 教授, 博士生导师,                胡泽(1989－), 男, 博士, 讲师, CCF  专业会员, 主
                            CCF  高级会员, 主要研究领域为网络与系统安                     要研究领域为人工智能, 自然语言处理, 网络信
                            全, 软件安全检测, 网络安全态势感知.                         息安全.



                             汪有为(1999－), 男, 硕士生, 主要研究领域为网                 姜来为(1986－), 女, 博士, 讲师, CCF  专业会员,
                            络信息安全, 安卓恶意软件检测.                             主要研究领域为网络信息安全.




                             张良(1987－), 男, 博士, 研究员, 主要研究领域                成翔(1988－), 男, 博士, 实验师, CCF  专业会员,
                            为强化学习, 基于深度学习的信号处理, 网络与                      主要研究领域为网络与系统安全, 网络安全态势
                            系统安全.                                        感知, APT  攻击检测.