Software Behavior Detection And Analysis For IOS Platform

With the rapid development of the mobile Internet,Apple has launched a series of iPhones that have rapidly become popular all over the world because of its smoothness,rapidity,and security.However,iOS(iPhone Operation System)security makes users lack operating authority and reduces their experience.Therefore,many iphone users seek to improve their operation authority.However,they will soon face the risk of malicious program or code invasion,and users' privacy and rights will be greatly threatened.Therefore,the research on the detection,analysis and protection of the software behavior of the iOS platform is of practical significance.First of all,the paper analyzes the research status of iOS application security both at home and abroad,and finds that most iOS security research focuses on iOS security mechanism and iOS security development.This paper also summarizes the static analysis and dynamic analysis of iOS applications,proposes the concept of detection,analysis and protection of software behavior for iOS platform,as well as the content to be studied.Secondly,for the commonly used iOS applications,this paper constructs a comparison table of iOS system functions and suspicious behaviors,uses static detection and analysis methods to detect and analyze iOS applications,scans and recognizes the system functions that are invoked.According to the table of system function and software suspicious behavior,it is determined whether the target application has suspicious behavior that threatens the user's security,and the suspicious behavior and its position are recorded in the suspicious behavior table of the application.This paper compares suspicious behavior with the permissions applied in its configuration file to determine that whether the application software may threat users' privacy and rights.Again,according to iOS system function and suspicious behavior comparison table and the application suspicious behavior table that got by the static detection and analysis method,this paper dynamically detects and analyzes the target application program,tracks the target application program,obtains the memory address of the function when the program is called at runtime,searches for and listens to the system functions that calledtherein,obtains the data information passed to the calling functions when the software is executed,analyzes that whether the passed-in information contains the users' privacy information,and interacts with the data of application network communication to verify whether the suspicious behavior actually damages the interest of users.Finally,based on dynamic detection and analysis principle and the comparison table of system function and suspicious behavior,this paper uses OC language and Logos script to design and implement a plug-in for iOS software behavior detection with the iOS software behavior hijacking technology to identify the dangerous behavior of the software that users used.The validity of the plug-in is verified through the detection of several malicious and commonly used software.