| The smartphone operating systems make mobile terminal develop very rapidly in recent years.Google’s open source and free operating system Android occupys a huge market share very soon, butAndroid has become the main target of malicious programs. Unlike PCs, mobile phones save a lot of userprivacy information, and users often do not have sufficient security consciousness, so the influence ofmobile phones attacked by malicious programs on users is enormous. Android malware detectiontechnology research has important practical significance.Based on the existing security mechanism of Android, we analyze the existing Android platformmalware behavior characteristics and the existing Android malware detection technology. The mainresearch contents of this thesis are as follows:Firstly, we analyzed and summarized Android permission mechanism and analyzed the thecharacteristics of the Android malware permissions.We made improvements and optimization for theAndroid malware detection scheme based on permissions combination, refined the detection granularityand quantified the malicious level of different permissions combinations. And also we implemented a usersecurity protection scheme.In addition, we analyzed and summarized the existing Android malware detection technologies andanalyzed the shortage of static and dynamic malware detection technologies. Base on this, we propose ahybrid static and dynamic analysis method.In static analysis, we used decompile technology to extract the sensitive function call graph and theActivity call graph of an Android application.This two call graphs will be used in the dynamic analysis toimprove the efficiency of dynamic analysis.In dynamic analysis, in order to expand the detection range of application behavior characteristics, weincrease a system interface function monitor module on TaintDroid. |
PDF Full Text Request