| Recent years, with the rapid development of mobile Internet, the intelligent terminal devices are put into use widely, especially, the Android system has occupied the largest share in the mobile operating system market. While Android system brings great convenience to people, it has brought serious security problems at the same time.The android system is easy to become hackers’ attack target, malicious behavior include:privacy leakage, malicious deduction, tariff consumption, system damage, remote control, fraud, malicious diffusion, roguery. the reasons why the android devices been attacked mainly are: Android system is open source, which security mechanism is vulnerable; some app markets lacks of detection, which make the android system are easily hacked by malwares; android users lack of safety awareness and the knowledge of Android. Facing with the increasingly various mobile apps, how to effective organize,manage has become a problem need to be solved.This thesis focused on Android APP. We mainly analyzed security mechanisms of Linux kernel and Android system, such as process sandbox isolation, authority control,and process communication, etc.; especially, we studied in detail on malware classification and its operation mechanism. We studied malware detection technology in recent years, which are the static analysis and dynamic analysis. In this thesis, malware detection scheme suit for the Android platform is given, including the malicious behavior feature extraction, malicious detection model based on malicious behavior characteristics. We had designed and implemented a malware detection prototype system. Finally we made experiments to test the detection performance, operation efficiency.In addition, this thesis combined static analysis and dynamic analysis, based on extraction of malicious behavior characteristics and using machine learning method,we proposed a triple hybrid ensemble algorithm to classify and evaluate android apps.Finally we test this scheme using data provided by research group, the results show that this model has good accuracy, and has lower false alarm rates and non-response rates. |
PDF Full Text Request