DroidVet:Design And Implementation Of The Android Malicious Applications Analysis And Detection System

Nowadays, in which smart phones gains massive popularity, a number of mobile operating systems have been emerging in this competitive market. Among all these systems, Android is the most rapidly developed. In terms of the domestic market, Android accounts for 80% of market share, and it is absolutely the most popular smart phone operating system. And now, a huge number of applications are available for customers on various digital distribution platform including Google Play, Amazon and Anzhi. Meanwhile, with the rapid development of Android, malicious applications also emerge in this field. As users can access so many Android applications from so many sources, many of which are from unidentified developer, Android users are more likely to install malicious applications.In view of the situation that there is a significant risk potential and difficulty in limiting malicious application on Android platform, this paper mainly focuses on following issues:(1)Inspection of Android system:This paper presents an inspection and an analysis of the architecture, security scheme, potential security threat, and application architecture of Android. Besides, we also introduce the major malicious attacks, static and dynamic analysis methods and tools to implement the analysis. This section lays theoretical foundation the of this system.(2)Design and implementation of DroidVet:This system is utilized to conduct a dynamic or static analysis on Android applications. As for the static analysis, the system will firstly acquire the static characteristic of requested permission, certificate information and related code operations. After this step, a characteristic vector will be constructed and then be delivered to SVM classifier for examination. Next, the result of examination will be demonstrated as an index of hazard level. In the part of dynamic analysis, DroidBox will be running in background and conducting a dynamic analysis of the application, along with its file access, data leakage, permission leakage, file operation and telephone operation. In order to provide a better result, this system integrated virus libraries from some authoritative antivirus software.Having been deployed and tested on a number of sample applications, it can be concluded that DroidVet is an effective tool for detecting potential security risks of Android applications.