Design And Implementation Of Static Detection System On Android Application

With the growth of Mobile Internet, smart phones play an increas-ingly important role in daily life, leading to the popularization of Android system which is open source and easy to operate, penetrated into all as-pects of life and study,has brought many conveniences to people, can send and receive e-mail, possible to connect the mobile Internet access to news, learning materials whenever and wherever. However, because of the open source characteristics of Android system and high penetration rate, so that hackers will Android operating system as a potential target.They develop Android applications with malicious code, through mali-cious applications to steal user privacy, destroy Android system, causing trouble to users, and even economic losses. Therefore, the detection of Android application, to strengthen its effective security assessment has become an increasingly important issue need to be solved. In order to de-tect the potential threat of Android application, this paper has researched and analyzed the static detection technique by referring to a large number of references, and designed a static detection system for Android applica-tion.First of all, in order to understand the principle of vulnerability and to achieve effective detection, this paper has macroscopical analysis of the Android system architecture and its unique security mechanism. Then,we focus on the research of the existing detection methods based on source code at home and abroad, compare the advantages and disad-vantages of these methods, propose a static detection technology based on JVM bytecode, and detect the Android application by decompile process the resulting JAR files and configuration files.Relative to the source-based detection, it ensures that the risk of loss of information due to the conversion is minimized. The main work of this paper is as fol-lows:(1) Preprocessing to detect the file.Use Android application APK as input, convert it into the required JVM bytecode detection file format by using methods and tools.(2) Extract the API interface characteristic value of the sensitive be-havior.The system can convert the files which may cause the threat to JVM bytecode, find out the key characteristic values, and save it in the specific format as the basis of detection rules.(3) Extract the characteristic value of the known.melicious vulnera-bility.According to the existing Android vulnerability, make it into JVM bytecode, extracted from the specified byte code as the eigenvalue se-quence model, constitute the detector mode state transfer conditions.(4) The design and implementation of detection system.Through a large number of research and analysis, designed a static detection system model, and the detection result can be realized by judg-ing whether the file to be detected and the extracted eigenvalue sequence match the vulnerability pattern by means of string matching.This paper describes this system design and implementation, system testing in details. The results show that the system can effectively detect Android applications malicious vulnerabilities, suspicious sensitive per-missions call behavior.