Research On Android Application Source Code Analysis And Runtime Security Defense Technology

Posted on: 2013-09-24
Degree: Master
Type: Thesis
Country: China
Candidate: S M Wu
Full Text: PDF
GTID: 2268330392969046
Subject: Computer Science and Technology
Abstract/Summary:
3G service has been developing rapidly in China since it was introduced in 2009. More users have started to use smart devices as 3G networks have spread. Meanwhile, Android has come to dominate the smartphone market due to its openness and cost-effectiveness. Nevertheless, the rapid expansion of Android's market share has brought malware targeting Android at an alarming rate, which poses great threats to its users.

Some solutions for security issues on Android have been put forward, but most of them are based on the traditional static analysis approach and cannot analyze malicious behaviors during the execution of a program. At the same time, some dynamic detection methods are based on a sandbox; because the phone itself is resource-constrained, running a sandbox on the phone is impractical. In view of this situation, this paper presents application source code static analysis and dynamic proactive defense technology to improve the security of Android applications. We have developed a cross-platform compiler environment: before an application package is built, the source code is checked for malicious patterns, and only packages that have been verified can be packaged. We have also developed a secure client by modifying the underlying system source code and using socket-based inter-process communication. Whenever a sensitive system API is called, the client warns the user, who chooses whether to allow or deny the call.

To verify the correctness of our system, relevant tests were designed. We chose 2 different kinds of Android applications for testing: one is a self-written program imitating behaviors that malware possesses, such as file operations, access to sensitive data and automatically opening connections; the others are malware samples collected online.

The self-written sample invokes most of the APIs provided by embedded points, and can present a whole picture of the actions that malware takes when compared with the scattered behaviors of real test samples. Thus the sample shows us how data is used by different samples. each embedded point since interface libraries malware commonly uses are generally covered.

The advantage of our system is that it improves the security of applications by combining the platform side and the client side. The platform side can suppress the spread of malware at the source. The client side can customize the permissions of applications after they have been installed, which makes up for the drawbacks of the Android permission model. The Android permission model lacks a mechanism for customizing permissions and follows an all-or-nothing policy enforcement model: the user has to accept all permissions for the installation of an application to succeed, and has no option to grant or deny a particular permission requested by an application. Additionally, the client side will investigate the runtime behavior of applications to prevent them from malfunctioning and to ensure system integrity.
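
The platform-side gate described in the abstract, as an added example that is not the thesis's own code: Java sources are scanned before packaging and the package is refused on any finding. The rule set, the function names and the sample source are assumptions constructed here; the abstract names only the behaviour classes (file operations, access to sensitive data, automatically opened connections).

```python
import re
from typing import NamedTuple

# Assumed rules: the abstract names three behaviour classes but lists no
# patterns, so each class is mapped here to well-known Android/Java calls.
RULES = {
    "file operation": [r"\bnew\s+FileOutputStream\s*\(", r"\bopenFileOutput\s*\("],
    "sensitive data access": [r"\.getDeviceId\s*\(", r"\.getLastKnownLocation\s*\("],
    "network connection": [r"\.openConnection\s*\(", r"\bnew\s+Socket\s*\("],
}
_TOKEN = re.compile(
    r'"(?:\\.|[^"\\\n])*"'    # string literal (may contain "//")
    r"|'(?:\\.|[^'\\\n])'"    # char literal
    r"|//[^\n]*|/\*.*?\*/", re.S)  # line or block comment

class Finding(NamedTuple):
    path: str
    line: int
    category: str

def strip_comments(src):
    """Blank out comments but keep literals and line numbers intact."""
    def repl(m):
        tok = m.group(0)
        return tok if tok[0] in "\"'" else re.sub(r"[^\n]", " ", tok)
    return _TOKEN.sub(repl, src)

def scan(path, src):
    findings = []
    for no, line in enumerate(strip_comments(src).splitlines(), 1):
        for category, patterns in RULES.items():
            if any(re.search(p, line) for p in patterns):
                findings.append(Finding(path, no, category))
    return findings

def may_package(sources):
    """Packaging gate: allowed only when no source file has a finding."""
    findings = [f for path, src in sources.items() for f in scan(path, src)]
    return not findings, findings

# Constructed sample input (not from the thesis).
SAMPLE = {"Uploader.java": '''// conn = url.openConnection();  commented out, must not match
class Uploader {
    void run(android.telephony.TelephonyManager tm) throws Exception {
        String id = tm.getDeviceId();
        new java.net.URL("http://example.invalid/a").openConnection();
    }
}
'''}
```

Matching on source text flags a call wherever it appears, so a build platform using this kind of gate still needs a review path for legitimate uses of the same APIs.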
Keywords/Search Tags: Android, source code static analysis, active defense, permission model