Research On Mobile Internet Application Security Evaluation Platform

With the number of mobile internet users growing, the security situation of mobile internet has become increasingly severe. Attackers often disguise malicious applications as ordinary mobile internet applications for cheating users to download and install them, and then steal users’data and threat user’s property. So, mobile internet applications will directly affect the safety of users’ information security. However, the majority of mobile phone users lack sufficient knowledge to evaluate the security level of mobile internet applications on their own device. So, researching and implementation the security evaluation platform for mobile internet application on user’s device is very important.This paper proposes a mobile internet applications security evaluation platform that based on clustering algorithm for common users. The platform can run on a normal user’s Android device. It can evaluate security of mobile internet applications installed on user’s device and generate safety evaluation report. Due to the limited computing and storage resources of mobile devices, most of the computing and storage process are implemented on the server-side. The client on user’s mobile device only needs synchronize application security feature database from server to evaluate the security of local applications.The main innovations and researches of this paper are as follows:(1) A mobile internet applications security evaluation model based on clustering application permissions is given. This model forms the basis data by clustering normal applications and malicious applications. And experts analyze the data further to establish application security feature database.(2) Improved ROCK hierarchical clustering algorithm. The new clustering algorithm is more suitable for handling Android application permissions clusters, and makes the application features of cluster more significant, in order to facilitate the security features analysis of applications;(3) Designed and implemented the security evaluation platform, includes web server and client on Android device, based on the mobile internet application security evaluation model and improved application permissions clustering algorithm for mobile internet applications.