The Research And System Implementation Of Mobile Application's Safety Assessment Basedonbehavior Monitor

At the moment of rapid popularization of smart mobile terminals,mobile terminal applications have been developed rapidly,and many of them are malicious applications.Malicious application developers in popular applications to join the malicious code,published in the third party application market and the major forums,open platform to make it rapid proliferation.In addition,some of the features involved in the application of sensitive information is also a certain threat.The sensitive behavior of malicious applications and the existing risk has been a serious threat to the user's data security and property security.To solve these problems,a mobile application security assessment system based on behavior monitoring is presented in this thesis,which includes the evaluation module and the rule base of the system.The purpose is to provide quantitative results for mobile application.The main results of this thesis are as follows.(1)The existing problems of the existing rule base building technology and application evaluation technique is summarized and analyzed in this thesis,and concerned with the application programming interface for classification and hazard analysis and preliminary definition.In this thesis,a rule base building technology is proposed,which is used to focus on the inheritance relationship between the implicit API that are concerned with the objective existed application,and modifying the risk coefficient with transfer probability to avoid the imperfection,inaccuracy and surmise of the result caused by the imperfection of knowledge system for establishing rules.At the same time,it has broken the machine learning mode which is based on the supervised learning method,and improves the automation degree of the rule base to some extent.(2)The behavior sequence of the application program called API is analyzed in this thesis,and abstracted as directed graph,and matched with the rules in rule base.With directed graph,the matching efficiency is greatly improved.In addition,in order to prevent the application of anti detection behavior,that is to join the redundant logic so that the malicious behavior can not be completely matched to avoid the assessment,the evaluation method proposed in this thesis includes indirect matching,that is,the behavior sequence is completely included in the indirect matched rules,and the behavior sequence would be vauled by a weighted processing,so as to ensure the accuracy of the evaluation results.This assessment method has broken the existing assessment methods and the either-or assessment method,which can objectively give a quantitative evaluation results.(3)This thesis completes the design and implementation of the rule base building block and safety assessment.block.In order to test the accuracy of the system,100 applications are selected from the categories of social,game,life,tools,and so on,and also select typical applications,contrast their official version of the forum released versions,so as to test the accuracy of the systemIn this thesis,we study the security of mobile terminal application program,and complete the design and implementation of the proposed security assessment system,and the function and performance are verified,which has a certain value.In addition,this thesis also analyzes the related factors affecting the system performance.