| The Android platform has become more and more popular, becoming the highest use of the mobile client a smartphone operating system, but due to the open nature of Android system and the normative Android market, the Android malicious software is growing rapidly, so the Android malware detection has become a urgent problem, this paper designs a set of static analysis detection system based on the Android APK.This paper proposes two kinds of different method for detecting known malicious software and unknown malware. First, extract the DEX file from a known malicious software and the ELF executable file within the specified fields as the detection of known malicious software characteristic value; Second, the Android applications of different API interface implementation is by calling the different systems, so for the unknown malware detection, in this paper, the application code hierarchy and API call, the combination of the known malicious software into different levels of API calls the structure in the sequence tree; Finally, the extraction of characteristic value and characteristic sequence of malicious software feature database is established, by malware characteristics with the application under test library similarity comparison, the paper design a feature comparison of detection system based on application.This paper expounds a detection method based on the Android platform of malicious software research, design, and implementation process, including to known malicious software testing results show that the extracted eigenvalue combination is unique, for Android applications and the detection method has solved the traditional computing applications MD5 value than the limitation of the detection method in the detection of dynamic link library; Secondly, the unknown malware detection results show that the proposed API call feature sequence similarity detection method of the same family malware detection has a good effect. |
PDF Full Text Request