Simulation on static detection of malicious code based on behavior information gain

When the malicious code is detected by the current method, the features of the malicious code cannot be classified in detail. A static detection method of malicious code based on behavior information gain is proposed. The method uses the feature selection method of behavior information gain to get the average mutual information between different code types, and gives different types of feature libraries. On this basis, the character sets are fused and the sample characteristics of the malicious code are extracted. The dispersion degree of the sequence distribution of malicious code samples is measured, the distance vector of the plurality of eigenvectors is obtained, and the weighted matching of the features is performed. The malicious code is detected statically based on the matching result. The results demonstrated that the proposed method tends to be more accurate and provides a scientific basis for ensuring the security and stability of the Android operating system.