| With the rising popularity of smart phones based on Android System,especially with the popularity of 3G network and the high speed development of the 4G network.Smart phones have replaced part of the computer functions and gradually into people's life.The current smart phones already have the functions like bank payment and shopping even social contact.The more powerful of the smart phone,the more potential of crises.To benefit from these potential crises the criminals who attempted to steal the user privacy information and money make the malware action for the purpose of profit.However,because of the Android open source characteristics make its security problem is more outstanding.This dissertation puts forward a hidden Markov models based Android malware behavior detection method,which is based on the full study about malware behavior characteristics and the current malware detection methods.In the way of choice to detect,we choice the software dynamic behavior based method which is named dynamic detecting.To avoid constantly update of malicious code library,and it also can test the unknown malware.On the testing content of this dissertation,we focused on the SMS and telephone and network and location information which are likely to be the key function to harm the users' privacy.The detection model is based on hidden Markov model,which use the evaluation method to estimate the malicious software.Meanwhile use the learning ability of the hidden Markov model to realized the function of Machine self-learning.Through repeat learning of users' habit to improve the accuracy of assessment about the malicious software.In the implementation method,this dissertation have afforded a detection model which is established on the basis of the user's judgments.In the model parameter selection,in order to reflect user's habits.Considering the balance of malicious behavior detection efficiency and utilization of system resources,this dissertation have selected several behavior parameters which can reflect user's using habits to establish the model.In view of the limitations of Smartphone hardware configuration and for the sack of decreasing the system resources usage,we have realized the lightweight malicious behavior detection software.Firstly the parameters of the model don't need to through the third-party analysis software.By means of the broadcast mechanism of the Android System itself and its excellent framework layer monitoring system to realize the parameter acquisition.Secondly,implemented the software behavior detection which based on the Android broadcast mechanism.It makes that the system need not to be always running,just only to be launched by receiving related broadcast intent.In the judgment model,in addition to the system automatically judgment there also joined the user's judgment.By setting up a black and white list,not only improve the efficiency and the flexibility of the malicious behaviors judgment,but also reduce the occupancy rate of system resources.In the test,this dissertation compared with the normal SMS and the malicious programs which send SMS messages in background.The system was finally tested.Compared with the normal short messages software and the malicious behavior software which send appointed short messages at the background.In the test of results show this system have achieved the expected effect that the test system is able to identify the action which is different from the normal user's custom. |
PDF Full Text Request