| Although the open-source and other opening characters of the Android system bring huge market share,it makes the system a primary target for malware.Meanwhile,more and more Android applications access users' private data to provide users with intelligent and personalized services.Undoubtedly,accessing users' private data has potential security and privacy risk.In order to reduce security and privacy risk,this thesis makes a review of the research background and status quo of various technologies related to Android security,analyzes the major problems of these technologies,summarizes technology development trends and proposed a combination of Android malware detection and Android permission recommendation based on categories.Traditional Android malware detection method based on machine-learning and permissions does not take the differences of usages of permissions in benign applications belongs to different categories into consideration,thus affects the the detection performance of Android malware.On the basis of this method,this thesis takes the difference of usages of permissions in benign applications belongs to different categories and malware into consideration,hence proposes an Android malware detection method based on categories.This method draws on the idea of TF-IDF algorithm and obtains permissions sensitivity coefficient based on the difference of usages of permissions between malware and benign applications belongs to different categories.Then obtain the sensitivity value character of an application according to its category,the permissions it requires,protection level of relative permissions and sensitivity coefficient of relative permissions.Apply random forest algorithm to classify applications after combining their permission characters and sensitivity value characters to detect malware.This method automatically runs static analysis and comes to a result prior to the installation of the application.Experiments show that compared to traditional Android malware detection method based on machine-learning and permissions,this method improves the detection performance of Android malware,improves 4.9% true positive rate while lowering 2% false positive rate,providing effective information for users to decide whether to install an application.In the content of Android6.0 runtime permission mechanism,based on the theory of risks and benefit of granting a permission in related work,this thesis proposes an Android permissiom recommendation method based on categories.This method obtains permission sensitivity values suitable for permission recommendation based on the usage of permissions in benign applications belongs to different categories.And then consider whether a risk is commensurate with the benefit when granting permissions to an application according to the its category,the permissions it requires and sensitivity coefficient of relative permissions.Because this method also evaluates the results of an automated static analysis prior to the installation of the application,it can be used in conjunction with the Android malware detection method based on categories presented in this thesis.Experiments show that on the basis of the proposed malware detection,this method can provide effective information in advance for users to decide whether to grant each of permissions.In summary,this thesis analyzes the usage of permissions in malware and benign applications belongs to different categories,proposes a combination of Android malware detection method and Android permission recommendation method based on categories,and proves through experiments that the methods proposed by the author can provide users with efficient information for making decisions by automatic static analysis prior to installation of the application. |
PDF Full Text Request