| Now smart phones have become an important and inseparable part of our daily life. Theirapplication software can be downloaded from the Internet easily and conveniently. Theseapplications are mainly from the Google Market and the third-party sites forum. Since there are nostrict inspections and audit procedures of the software market, anyone can upload and download thesoftware applications through the Internet from there anytime and anywhere. The criminals mayexploit the unsafe mechanism to spread dangerous viruses especially Trojans. If someonedownloads these dangerous applications, they may bring certain harm and damage to the user. In theprocess of the installation, Android applications require the users to confirm access, mainly networkaccess, contact access and call access etc. The Trojan program will exploit the contact to send calls,text messages through the network by the access and bring serious damage. In order to avoid theinvasion and damage of Trojans, it needs to find and deal with them as early as possible. Thusresearch on the Android system, Android security mechanism and the Android Trojans is importantand necessary.This article analyzes the Android operating system security mechanism deeply and presents aneffective method to detect the Trojans threats and ensure the information security of the users’Android phones.The main work focus on five respects as follows1. Based on the demand of the current Android users, we analysis the framework of theAndroid system to understand its operating and security mechanisms, and find the systemvulnerabilities and security threats.2. Research on the implementation principle and harm of the current Android Trojans andprovides the theoretical basis for the subsequent discussions.3. Analysis the current solutions for the Android Trojan detection and their correspondingimplementation principle, then present the disadvantages.4. Study the mechanism of the monitoring backstage framework in the Android system, thendesign and implement two kinds of Android Trojans as the telephone and SMS. It not only canrealize to remove the call records and contacts in the telephone and SIM, but also can delete files inthe SD card or upload these files to a computer.5. Present a new method for detecting the parasite Trojan in the Android system. Throughdetecting the sending packet of the telephone, we can sure the sending port in real time. Accordingto the port and the information provided by the Android system, we can find the process of the sending packet and track the application program that creates the process. Then it need to analysisthe system call sequences of the program and judge whether there is a parasitic Trojan in theapplication program. Simulation experiments show that the method can detect the parasitic AndroidTrojan effectively.Our proposed detection method is significant on the security reinforcement of the Androidoperating system. It lays a foundation for the future Android Trojan detection and analysis. |
PDF Full Text Request