| With the rapid development of the mobile internet and the rapid popularization of mobile Phone, the security issue of smartphone is attracted more and more attention. At present, the research of security issues on smartphone is not mature, but both the quantity and types of mobile phone virus has grown rapidly, and its destructive power and influence are also rising year by year. In order to prevent huge losses in the future, the researches of Security Mechanism of smart phone platform are very important at the present stage.In order to strengthen the security of the smartphone platform effectively, it is necessary to have a full understanding of the mobile phone virus and the smartphone platform security mechanism to conduct in-depth research. In this paper, the research is mainly about epidemic model, the framework and security mechanisms of android and the reinforcement of android. The main contributions and innovations are as follows.(1)Study the model of mobile phone virus, proposed a kind of pre-immune cell phone virus propagation model which was on the base of SEIR model and simulation experiments for the model, then experiments for the model,then analysis the pre-immune of the mobile phone virus. The simulation results show that with the increase in pre-immunity not only be able to effectively control the scale of mobile phone virus outbreak, but also greatly delay the the phone virus mutates outbreak time and equilibrium after scale. Therefore, this thesis will focus on The Security Mechanism Analysis and Reinforcement of Smartphone platform.(2)Android2.3is the most popular mobile operating systems, however due to the nature of its open source, programmable software framework and network equipment, which also increases their exposure to damages inflicted by various types of malware, Android2.3isvery vulnerable to viruses invasion. This paper provides a comprehensive security assessment of the Android framework and the security mechanisms incorporated into it. A methodological qualitative risk analysis that we conducted identifies the high-risk threats to the framework and any potential danger to information or to the system resulting from vulnerabilities that have been uncovered and exploited. Lastly, we present five major (high-risk) threats to the Android framework and propose security solutions to mitigate them.(3)At the last chapter, two reinforcement that a type of role-based mandatory access control and ASLR-based buffer overflow attacks are proposedin response to these security issues. The type of role-based mandatory access control, which allows the application to run the minimum required permissions and cause minimum damage to operating system, can effectively prevent malicious attacks against kernel vulnerabilities according the experimental result. Address-space Randomization is a new technique used to fortify computer system against buffer overflow attacks in recent years. the solutions to buffer overflow attack are listed in the paper, then focus on the ASLR technique, some experiments proved it is a effective solution. The improvement suggestions has been pointed out in the end.In this paper, through the analysis of the model of mobile phone virus, come to the conclusion that the phone with a pre-immune system better able to avoid and control the spread of the virus’s. Then analyzed the security vulnerabilities of the Android system, and put forward several major security threat. Combining these two points, design two kinds of security threats for the Android system reinforcement program, and came to the conclusion that these two programs are effective and has certain practical significance. |
PDF Full Text Request