Android Malware Application Testing Technology Research Based On Permissions

The Android system as one of the main operating system of intelligent mobile phone,with its powerful functions, rich applications for users, the market share rate ranked first.However, the Android system provides people with convenient and have great economic benefits, at the same time has become the preferred target for some criminals attack,resulting in the rapid growth of the number of malicious applications. Therefore, the research on the detection of Android malicious applications is becoming increasingly urgent. The main research contents of this paper are as follows:Firstly, the system structure and security mechanism of Android are analyzed. The mobile operating system Android system as an open source, has its own unique system structure and relatively perfect security mechanism, but there are still some security vulnerabilities. Through the analysis of the security mechanism of the Android system,permissions are Android application specific operation of the logo, which can provide a reliable basis for the detection of malicious applications.Secondly, a detection scheme based on naive Bias classifier is proposed.Through research on existing Android malicious applications detection scheme, and static and dynamic scheme comparison and analysis of feature classification, and puts forward a permissions as classification feature detection scheme based on the naive Bayes classifier.Thirdly, improved naive Bayesian detection scheme, and proposed Apriori-NBC detection scheme. Bias classifier requires a complete independence of classification features, but there is a certain relevance of application permissions, which has a conflict with the premise of Bias classification. Through the frequent pattern mining of permissions this way, find out the maximum frequent itemsets under special confidence, to the classification of features, which reduce the correlation of feature classification.Lastly, the Apriori-NBC detection scheme was verified by experiments. The experiment used 1000 malicious applications and 1000 non malicious applications as samples, using ten fold cross validation method. The experimental results show that the Apriori-NBC detection scheme compared to other schemes with high accuracy and the real rate and the true negative rate were 82.6% and 83.6%.