Designing And Implementation Of The Android Application Batch Detecting System Based On Static And Dynamic Analysising Methods

With the rapid development of the Mobile Internet, the popularity of the smart phone has become larger and larger. Millions of mobile apps based on the android OS have been developed to serve for our daily lives.Subsequently, the problem of mobile internet security is becoming more and more serious. As the android markets are the main distribution of apps in China, it is very important to let all the apps have tested before they are put on the store.In order to have a deep research on the security detecting technology, this paper starts with the aspects of programming constructs,operation mechanism, contained content. The main contents of this paper are as following:1) First of all, the paper reviews the development of android operating systems briefly and analyzes the several main security problems during the practical use. Based on above, the article elaborates the security protection mechanism of Android operating system, which is based on Linux operating system. In addition, we also have an in-depth study of the special measures that google company launched to protect android apps liking Signature mechanism, permissions control etc.2) Introduce the mainstream of virus detection technology briefly and give a detail description about static and dynamic methods of mobile apps detecting technology. All of this mainly includes APK unpacking and decompile techs, using sandbox to running simulations and related support tools studying. All of this will provide basic materials for the scheme design of mobile apps batch testing system.3) Researching and developing the mobile application detecting system based on static and dynamic detection technology. The system contains four modules which are anti-virus module, APP static analysis module, APP dynamic analysis module and support module. In the anti-virus module, it will extract the applications’ characteristic value and match these with the signatures of the virus. This module mainly faces malware which is known already. In the static analysis module, it will unpack the Android software package, extract the manifest file, assets file,META-INFO file to check install and execute permissions, security of four major Android components, harmful information of text and image.Then decompile the Dalvik file to check it’s safety of Android API used.In the dynamic analysis module, it will put apk in a sandbox and run it and simulate many kinds of operations, such as connecting networks,SMS sending and so on. The module will catch the log and give the security assessment.4) Based on the solution mentioned above and combined with the actual needs, we developed an operating system of the batch detecting apps. This system contains crawler system,mobile apps audit system and maintain system. At last, we use this system to check the scheme to verify the technical feasibility.The mobile batch detecting system, which analyses and tests the apps by anti-virus techs, static and dynamic techs, has a good effect on known and unknown malicious software. At the same time, the system has rapid detection speed, less artificial operation and standard format report, so it is very suitable for the daily operations of Android app store.Therefore, the plan and system proposed by the paper has wonderful value and practical significance.