
Android Platform Content-based Mobile Malware Detection

Posted on: 2014-06-18
Degree: Master
Type: Thesis
Country: China
Candidate: Q M Zhou
Full Text: PDF
GTID: 2268330401464645
Subject: Computer technology
Abstract/Summary:
With the development of science and technology, smartphones can now do some of the work of a computer, such as email and online shopping, and they play a very important role in people's daily lives. On the one hand, smartphones provide powerful functions, such as handling email, browsing the web and mobile payment, which bring more convenience to daily life. On the other hand, because smartphones are so widely used, people have begun to target them, writing malware that hides in a user's phone in order to obtain the user's private data and to order paid services without permission, leading to economic loss and privacy leakage for the user. As the smartphone market grows, mobile malware has received more and more attention, and how to detect and prevent it has become a hot topic. Android, by virtue of its openness, has won the favor of the majority of mobile phone manufacturers in the world; coming from behind, it has gradually caught up with Symbian and iOS and has now taken a global market share among smart-device operating systems. Given Android's market potential, this thesis focuses on how to detect malware on Android. The thesis first studies traditional methods of mobile malware detection. By analogy with the intrusion detection model of the PC platform, it then presents a content-based mobile malware detection method for the Android platform. The method captures and analyzes network traffic on the Android platform in order to monitor the content of communications on the current system; at the same time, it analyzes the network configuration file information of the current system in order to monitor which processes are currently using the network.
The work in this thesis is built on the libpcap library. It first solves the problem of porting libpcap to the Android platform, which is the key to using the library successfully; no thesis has yet solved this critical problem of porting and using libpcap. Next, it uses the libpcap library on the Android platform to capture the network packets of the current Android system, extracts the contents of the captured packets, and matches those contents against user-defined keywords; if a match succeeds, it raises an alarm and writes the alarm information to the log. While monitoring packet contents, the thesis also analyzes the current system's network configuration files, reading and parsing the data in them to obtain network information, and obtains the current system's process information from the system process files. The two kinds of information are matched against each other in order to monitor the processes that are using the network.
Keywords/Search Tags: Android, libpcap transplant, Extract content, Match
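The extract-and-match step described in the abstract can be illustrated with the following added example, which is not code from the thesis. It assumes the captured bytes are an Ethernet/IPv4/TCP frame such as a libpcap packet handler would receive; the sample frame, the keyword list and all function names are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample frame (checksums left zero), payload "imei=123456". */
static const uint8_t sample_frame[] = {
    0x02,0,0,0,0,1, 0x02,0,0,0,0,2, 0x08,0x00,                   /* Ethernet */
    0x45,0,0,51, 0,1,0,0, 64,6,0,0, 192,0,2,1, 198,51,100,7,      /* IPv4 */
    0xc0,0,0,80, 0,0,0,1, 0,0,0,0, 0x50,0x18,0xff,0xff, 0,0,0,0,  /* TCP */
    'i','m','e','i','=','1','2','3','4','5','6'                   /* payload */
};

/* Find the TCP payload of an Ethernet/IPv4 frame. Returns its length, or -1
 * if the frame is not IPv4/TCP or a header length field is inconsistent. */
static int tcp_payload(const uint8_t *f, size_t len, const uint8_t **out) {
    if (len < 34 || f[12] != 0x08 || f[13] != 0x00) return -1; /* short or not IPv4 */
    const uint8_t *ip = f + 14;
    size_t ihl = (ip[0] & 0x0f) * 4u, total = ((size_t)ip[2] << 8) | ip[3];
    if ((ip[0] >> 4) != 4 || ihl < 20 || ip[9] != 6) return -1; /* not TCP */
    if (total < ihl + 20 || 14 + total > len) return -1;        /* truncated capture */
    size_t doff = (ip[ihl + 12] >> 4) * 4u;                     /* TCP header length */
    if (doff < 20 || ihl + doff > total) return -1;
    *out = ip + ihl + doff;
    return (int)(total - ihl - doff);
}

/* Byte-wise search, so payloads that contain NUL bytes are still scanned. */
static int contains(const uint8_t *h, size_t hl, const char *kw) {
    size_t kl = strlen(kw);
    for (size_t i = 0; kl && i + kl <= hl; i++)
        if (memcmp(h + i, kw, kl) == 0) return 1;
    return 0;
}

/* Index of the first keyword found in the frame's TCP payload, or -1. */
static int match_frame(const uint8_t *f, size_t len, const char *const *kw, size_t n) {
    const uint8_t *p;
    int plen = tcp_payload(f, len, &p);
    for (size_t i = 0; plen > 0 && i < n; i++)
        if (contains(p, (size_t)plen, kw[i])) return (int)i;
    return -1;
}

int main(void) {
    const char *const keywords[] = { "password", "imei=" }; /* hypothetical list */
    int hit = match_frame(sample_frame, sizeof sample_frame, keywords, 2);
    if (hit >= 0) printf("ALERT keyword matched: %s\n", keywords[hit]);
    return 0;
}
```

Plain keyword matching of this kind only sees cleartext payloads; encrypted traffic would not match.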