The Research And Implementation Of Dynamic Detection Technology Of Android Application

In recent years, due to the openness of the Android platform, the market share of the terminal equipped with Android operating system continues to expand, the type and number of malware keeps increasing, researches of Android application security testing technology is imminent. Compared with static detection technology, the dynamic detection technology has the advantage of detecting new malware. However, there are still problems of this technology including the coverage of the detection path is limited, the depth of the detection is insufficient and the automation degree needs to be improved.This paper concentrates on the trigger of malicious behavior, and researches on technical solutions for dynamic detection. By researching on the traversal trigger script generation technology solutions, and the deep trigger script generation technology solutions, this paper realizes the automated operation of the application, thus, improve the coverage and the depth of the detection and trigger the potentially malicious behavior as much as possible. Meanwhile, in order to achieve the aim of dynamic detection of the application, this paper researches on Android security monitoring technology solutions, which realizes the behavior monitoring and the malicious behavior capturing of the application.1) Traversal trigger script generation technology solutions:Applied the traversal technology in the automated testing area to Android dynamic detection area, and proposes the traversal trigger script generation technology solutions, which can automated generate the traversal trigger script to cover all the detection path, thus improve the detection coverage.2) Deep trigger script generation technology solutions:Based on the script recording technology of the automated testing area, this paper improves the technology by converting the coordinate points to the controls, applies it to the area of Android dynamic detection and proposes the deep trigger script generation technology solutions, which realizes the aim of applicability of different terminal devices and the capability of complex logic execution. This paper construct a deep trigger script library for targeted controls, thus, realize the deep detection of targeted control and improves the detection depth.3) Android kernel monitoring technology program:During the execution of Android application software trigger script, this technology hijacks the process of system call, and repalaces the function to monitor the critical behavior API, thus capture the malicious behavior of the application software.Based on the study of Android dynamic detection technology solutions and the requirements of the project, this paper designs and implements a dynamic detection system of Android application, the system is based on B/S structure, mainly consists of four parts, the user display subsystem, the task management subsystem, the malicious action trigger subsystem and the Android kernel layer monitoring subsystem. This paper concentrates on the development and realization of the malicious action trigger subsystem and the Android kernel layer monitoring subsystem. The system enables high-volume, multi-mode and fast online safety testing.Test result shows that: The Android dynamic detection technology solutions in this paper has a high degree of automation, and can improve the ability to detect malicious behavior to a certain extent.