Research And Implementation Of Detection And Assessment Of The Risk Of Android Applications

Android system attracts more and more attention of cell phone manufacturers and users of all ages due to its free,open and customizable features.Android's growing popularity has brought so complex,feature-rich applications including a large number of malicious applications with a great deal of risk about the security of data,privacy and property.Such a high market share and rate of malware attacks on Android platform,making the research of risk detection for Android applications become more and more urgent and necessary.Therefore,the research to seek an efficient and rapid method to detect Android applications' risks is a very valuable project.The thesis first studied current method to detect Android malicious applications,which relies too much on the features code and lacks the capacity to recognize new malicious applications,then proposed an Android applications' risk detection method based on"evaluation-decision" model,designed and accomplished a more comprehensive Android applications' risk detection system,from certificate,permission,component,and API calls.The main contents and innovation points are as follows:(1)Defined the concept of Android applications' risk,including direct risk and indirect risk.Direct risk means that the Android app itself may cause harm to the user,while indirect risk means that the Android application can be used by other malicious applications to pose risks of in-line attack.The system can detect both risks.(2)Accoding to the risk detection method based on the the"evaluation-decision" model,we transfer the Android applications'detection risk detection problem into multiple modules "risk assessment"as well as integrated module of the judgement "decision".(3)The Android applications' risk detection system is designed and implemented based on reverse analysis technology.With the system including modules of certificate analysis,permissions analysis,component analysis,API calls analysis and integrated decision analysis,you can thoroughly detect the risks of Android applications.(4)Discussed the details about the designing and implementation of the various functional modules of the system.Permission detection module takes categories of the applications into account,and classify the applications before detecting to reduce false positives.The thesis uses Apriori algorithm to extract of the permission feature,which stands for the application's category,and it is better than past statistic frequency-based method.In addition,the thesis use analytic hierarchy process method in the comprehensive judging model to determine proportion of the the results made by the four detection modules in the overall result,and the method is more accurate compared to the artificial method.(5)Descibe function and performance tests about the system to verify its effectiveness.After researching the Android applications' risk detection technology,this thesis accomplished a detection system to detect an Android applications' risk based on reverse analysis technology and"evaluation-judge" model.The system workes well in the real world and proves to be a feasible and practical system.