The Application Of Android Malware Detection In The Electronic Forensics

In recent years,the Android system market has a share expansion and the market share ratio of Android system in our country is up to 77%.In particular,With the po pularization of global mobile Internet,it becomes the main online pattern to surf the i nternet by the mobile terminals.However,the Android system can not avoid all kind s of malicious program violations or Trojan horse disguised as legitimate software.De ceptive malicious links hidden in the mobile phone short message does great harm to Android security.Multifarious illegal crimes happen from time to time,such as electr onic fraud,extortion,personal information illegal sale.Therefore,it is important to d evelop programs which can test electronic evidence specific of Android malware thro ugh effective methods.This paper proceeds as follows.First,I will introduce the framework of the Andr oid platform.Then,I will describe the security mechanism of the Android system in d etail,from which I began to discuss the universal potential security risks hidden in A ndroid platform.After that,I will illustrate that security problems caused by the third party software is the major way and the "culprit" to cause attack to the Android platf orm.Meanwhile,I explain several security protection common methods for Android malicious application.The paper focus on the example to the malicious program "album.APK" as the an alysis object to study,based on static detection and dynamic monitoring to detect the electronic evidence,which provides a strong support to analyze transferring sensitive dates and extracting important clue data,etc.It proves that the Android system applic ation malicious code detection method is important and effective in detecting the elec tronic evidence of Android applications.From the perspective of the Android application security,this paper aims to analysis Android system's potential safety hazards in different links,in-depth analysis of attack and prevention method of the Android system,through reasonable practical operation and appropriate analytical tools.I take full use of reverse-engineering project,combining with the standard of electronic evidence detection to achieve the purpose that what one app is really for and extract relevant information to a case.I hope that my study can supply a practical method to analysis the detection of the material evidence of Android malware.