Automatic Malicious Android Application Detection By Combining Static Analysis And Dynamic Testing

With the rapid development of Internet,mobile devices and mobile applications are becoming universal.Meanwhile,malicious applications afflict users.They have brought serious threat for network and the security of information.Android has become the main running and transmission platform of these malicious applications because of the openness and loose review mechanism of it.At present,malicious Android applications are dangerous for users with many types,such as money steal,data traffic consume and privacy leak.Moreover,malicious Android applications often use reflection mechanism to avoid detecting.Therefore,timely detection of malicious applications has become a common concern of academia and industry.Nowadays,static analysis,dynamic testing and data mining can be used to detect malicious Android applications.Static code analysis is simple and fast,but it has high false alarm rates;Dynamic testing runs applications and collects behavior information to detect malicious behavior,it ensures accuracy but requires much time and resource;The detection technology using data mining constructs classifiers based on data sets,it needs a large number of malicious applications and can not detect new types of malicious applications.Therefore,the detection of malicious Android applications still faces the challenge of accuracy and efficiency.To overcome the limitations discussed above,this paper combines static analysis and dynamic testing to detect malicious Android applications automatically and main tasks as follows:? This paper proposes a reflection mechanism detection technology to detect different types of reflection calls in Android applications effectively;? This paper proposes a static and dynamic combination technology to detect various types of malicious Android applications efficiently;? This paper develops a malicious Android application detection tool named MalDet and carries out experimental research.The results show that the tool improves the detection efficiency of malicious Android applications and can guarantee the accuracy.