Android Mobile Phone Platform For Application Of Malicious Behavior Study On Dynamic Detection

From the rise and the continuous upgrading of smart mobile terminals can be seen,the study of mobile phone platform attracted widespread attention.Which as the most widely used mobile platform,Android mobile platform security has become the focus of research.Current the research on detection of malicious programs in this platform is divided into both directions,static testing and dynamic testing.Between them,the limitations of static detection methods is larger.It has large loophole for the growing variant packers of malicious programs.By contrast,dynamic behavior detection is able to achieve better recognition of malicious programs and testing.As such,it receives more and more attention of researchers.Accordingly,this is a study for the direction of motion detection.It is a malicious behavior screening method,which based on the API call graph object.This method is called to extract relationships through the application of API objects,which combined with the graph structure,establish procedures malicious behavior characteristics.And it was by graph matching algorithm to achieve the detection of malicious behavior.Firstly,this paper made a brief introduction about the Android platform,and do a detailed analysis about the behavioral characteristics of malicious programs on the platform.Accordingly,it summarized and analyzed the existing research methods in the field of dynamic testing.Then,chose the API call object relationships as a research object,and relied on the Android virtual platform to achieve API calls data and screening.And then,analyzed the relationship among the API invocation objects by writing the analysis tool,which was the difficulty of this paper.Second,selected the suitable diagram structure for the API calls object relations characteristic to set up model.Then,introduced and analyzed the classical isomorphism matching algorithm,and according to the actual situation chose a algorithm which can improve the efficiency of matching.According to the matching results of the established API call graph model,it can achieve the purpose of detecting malicious behavior.Finally,based on the detection method proposed in this paper,there designs and implements the Android malware detection system.Through the actual testing sample programs to acquire and analyze the test results,and thus verify the validity and applicability of the detection method.