| With the rapid development of the Android Operating System, security issues such as malware and virus are rising. Disguised as normal apps, malware installed from third party platforms continuously are causing issues including the leak of sensitive data, fee deduction and the loss of security control, which lead to great loss to users. Majority of existing malware detecting methods are based on the behaviors of applications, so damage may have already been made before malicious behaviors are detected. Thus the research on static risk assessment of Android applications is of vital and urgent importance.This thesis makes detailed comparison between malware detecting technologies on the Android platform, and proposes an approach using static analysis on decompiled source code with feature extraction, estimating probable malicious activities in Android applications.First of all, a feature extraction method based on malware classification is introduced in this thesis. By using feature combination and machine learning classification algorithms, it extracts ten features which are able to distinguish malware from normal apps effectively.Besides, a new risk assessment system for Android applications is shown in this thesis. This system extracts permission features of Android application and compares it against a static library of features to detect potential risk. Compared with other malware detecting systems, the system proposed by this thesis is based on static analysis, actually with no need to run the applications, and requires fairly less system resource.Last but not the least, the results of related experiments conducted are analyzed in this thesis as well. Based on a large number of real samples, the experiments prove that the system proposed is able to assess the risk of unknown Android applications. |
PDF Full Text Request