Security Research Of Intelligent Terminal Based On Android Platform

:With the development of information industry in recent years, the industry related with mobile Internet and smart phones has undergone tremendous changes, Android operating system has attracted a large number of businesses and users because of its openness. With the rapid development of the Android operating system, the third-party mobile application software is becoming gradually rise and popularization, a lot of Android developers has developed tens of thousands of application softwares. Meanwhile, the malicious programs on the Android platform caused huge economic losses to businesses and users,the security of the Android application software has become a top priority in information industry. In this context, how to detect the security of the applications is critical, Based on the analysis of the characteristics of Android operating system and the safety threats, this paper focuses on the security detection technology of the Android application program. The main contents and innovations of the paper are as following:(1)Based on the analysis of the current mainstream detection technology, we propose a comprehensive signature detection, static detection and dynamic detection of Android application program’s security detect scheme. The program tests the target software’s signature at first, in the feature code detection is non malicious software case, continuing with the static detection and dynamic detection. The paper designs and implements for each module, builting the software platform for the safety testing for the application program appeared and the new application program.Based on the platform, designing the testing program for each module’s capacity test and the system’s ability test.(2) Some improvements on traditional signature detection are made in this paper, mainly add the feature classes and functions to the feature database as a standard to judge the malicious software.This improvement makes the detection signatures a certain detect ability for the new software or malware variants, to some extent, improved the problem the detection signature can only detect existing malware.(3)In dynamic detection section, this paper proposed the library level API runtime behavior monitoring. The monitoring method compared with traditional monitoring methods are easy to install, monitors a wide range of low complexity. This method takes advantage of the process when the application program is started, the process of Zygote will load the Dalvik virtual machine, the Java runtime library and core libraries, implementing the API behavior monitoring purposes by modifying the Java runtime library. Monitoring the behavior of the paper makes design and programming for the part of the API.(4) The first time to apply the sequence pattern mining algorithm to Android application security detection in dynamic detection of behavioral data analysis. The algorithm can extract the sequence patterns of malicious software, which is to find frequent sequences of the malware software.By comparing the behavior sequence generated by the target software with these frequent sequences, the Android application program can judge the safety. The paper selects PrefixSpan algorithms as the sequence pattern mining algorithm and realized the algorithm.