| With the arrival of the era of mobile Internet, mobile information has become an important resource in people’s daily life and work. The security problems of information resources gradually aroused the concern of the public, especially all kinds of illegal attacks and criminal behaviors which are initiated by the use of mobile devices. Among many mobile devices, mobile devices which are carrying on Android system account for more than 80 percent on the mobile phone market share. This makes the security problem of Android directly affects the safety trends in the information resources field of mobile equipment. Whether the maturity of security software or the security awareness of users, there are potential safety problems in the mobile devices which are carrying on Android system platform. In this background, in order to further improve the safety which is based on Android mobile Internet devices, this paper does the following works:(1) Analyze the existing security mechanisms and problems of Android system on the basis of the architecture of Android system.(2) Study Android system’s double layer security model, and study the Android underlying core which relies on the Linux kernel to provide security features; in the application layer, the Android system adopts more detailed permission settings and components to interact with other application components. The access to Android’s permission mechanism and the underlying equipment resources are mainly through validating users and groups ID to ensure safety. Meanwhile, Manifest’s permission settings provide a more detailed security features.(3)Analyze and classify the behavior of malicious software and use static safety protection perspective by utilizing the theory of reverse engineering to dig deeper into the malicious behavior of Android applications. Take wallpaper application Cute Puppies as an example to analyze the work mechanism of malicious programs in detail.(4) Analyze and summarize existing behavior mechanism of malicious software. Aim at the existing loopholes of permissions mechanism in Android system, and design a dynamic security protection scheme; this scheme provides users with the detailed description of application permissions and dangers prompt. Users can choose to cancel the dangerous permissions and re-install the application according to information tips.This article begins with the structure of Android system to research its security mechanism, and through analyzing the working process of the malware, we can find loopholes existing within Android system’s permission mechanism; finally, design modification plans of dynamic permissions. After some testing, it indeed can make up for the hidden safety troubles which safeguards the interests of users. |
PDF Full Text Request