| With the rapid development of mobile Internet and computer technology, intelligent mobile terminal has been widely used in all walks of life. Android operating system, by virtue of the excellent stability and openness of the source code, constantly improve the intelligent terminal market share. At the same time, the malicious code based on the Android system, especially the kernel Rootkit tool has begun to emerge. The safety of the system has gradually become the focus of attention.Kernel Rootkit, providing a precondition for security to the remote control tools hidden for a long time with its reliable concealment, is an important part of hacking tools and the research focus in the field of computer security. The thesis, which aimed at the current Android system security issues and based on the theory of analysis of the Android system architecture and security mechanism, does research on the kernel Rootkit technology.This thesis, firstly describes the research background, status at home and abroad and significance of the Android system security; and then introduces the Android system from the system structure and security architecture; and then describes the concept and history of kernel Rootkit, and the mechanism of the loadable kernel module and system calls which usually used in Rootkit; after that introduces the platform of Android-Rootkit in terms of performance, functionality, overall framework and core processes; and then gives a detailed description of the design and implementation of the platform; finally describes the building of the development and test environment of the Android-Rootkit platform, the testing and analysis of the platform.This thesis, through the study of the Android system architecture, security mechanism and kernel Rootkit technology, the design and implementation of the Android-Rootkit platform, provides the technical support to the computer forensic personnel, the theory support to the security personnel and wakes up the users. |
PDF Full Text Request