Research Of Risk Detection For Android Application

With the mobile Internet coming, intelligent terminal has been an indispensable into people’s lives. Internet access is no longer confined to traditional methods of computer access, with the vigorous development of 3G and Wi-Fi technologies, surfing Internet anytime, anywhere to enjoy the vast amounts of information has been brought into reality. In the mobile terminal which plays a pivotal role. The past two years, with the production process and the development of software technology, smart phone has reached an unprecedented height. Google has introduced the sudden emergence of Android platform, has become a force in the smart phone market. Google also study the App store model of the Apple platform to launch its own electronic market, lots of software developer began to developing android application, applications surged, the user’s smart mobile terminals are also installed all kinds of applications.However, Google market is not the same as Apple’s appstroe to adopt strict application review system, resulting in Android platform application there are a variety of security issues, so that criminals take advantage of the development of malicious software. In addition to the common suction charges of malicious software, smart mobile phone users is a disclosure of sensitive personal data can not be ignored. Survey shows that a considerable number of applications that intentionally or unintentionally collected a variety of user privacy data and unencrypted sent to the developer server, the user’s private data, including a unique device number (IMEI number), phone number, contacts and the user’s location (GPS) and other sensitive data, even if these data are not malicious application service providers to collect, once the service provider’s server data leakage caused by an attack, users will also cause indirect losses.Android platform is an open platform, providing applications to users is the core value, to allow users to more safely use a variety of applications, the system is committed to the objective of each application for a risk assessment. According to Android the specific structure of the application platform, de-compile the application’s executable file; extract the application’s, according to permissions scanning the decompile code for the risk of interface functions. Finally, the risky Applications which possible leak personal privacy data will be confirmed by the dynamic analysis, analysis of the dynamic run-time logs.