The Design And Realization Of Android Security Detection System Based On Signature And Permissions

With the widely use of the intelligent mobile phone, the type and amount of applications running on the mobile phone becomes more and more. These applications are changing people’s way of life. However, the malicious software actually lets the human tired. Since the release of Android system, it has become a key player in the smart phone market, but because of its open platform makes the object of the hot spot of malware attacks. A lot of malicious applications emerge in an endless stream, and constantly upgrading. Many Android users do not have the ability to distinguish the malicious applications, make these malicious application wreak havoc on the Android platform, causing enormous damage.In this thesis, the use of detection method based on signature and sensitive permissions group, which is the effective detection of Android application installation package, can solve the harm of Android malicious application upgrade, in order to protect users from malicious application problems, the detection system can help users identify security applications, warn the threat before the damage of malicious applications. The major work of this thesis describes as follows:1. The introduction and analysis of Android system architecture and related security knowledge. Mainly introduces the framework and the security mechanism of the Android system, explains the related security technology, and deeply analyzes the Android security vulnerabilities and potential hazard.2. The signature and permission information extraction of Android applications. Through to the Android application package structure parsing, unzip and decompiling the APK, obtain the signature and permission information.3. The set of sensitive permissions group matching. According to the behavioral pattern of three types of common malicious application, set the sensitive authority grouping in the permission detection. The security of the application is determined by the matching of the sensitive permissions group.4. The design and implementation of security detection system. Mainly introduced the system design and implementation process, analyses the system test result, and puts forward improvement scheme.