Research On Resources Misuse Behavior In Android Applications

Android is the most popular mobile platform at present,and various Android ap-plications have greatly facilitated people's lives.When Android's memory and other system resources are insufficient,it will release memory by kill some processes.In or-der to avoid it has influence on providing service for users,Android applications will use various ways to keep alive in the background.To provide personalized services for users,Android applications often botain some privacy data of users,such as user's phone number,geographic location and so on.Attackers gain enormous benefits by acquiring users'privacy data and installing malicious applications which can keep alive in the background at present.Because these behaviors can also occur in normal applica-tions,it is difficult to detect them.Researchers have proposed many solutions to detect privacy data leakage,including static detection and dynamic detecion.However,these solutions only detect at the application level at present,rather than detect specific mali-cious behavior.As for the background keep-alive behavior in the Android applications,current solutions are not enough to distinguish if it's malicious.So the following work has been done in this paper to solve these two problems:1.Detecting Malicious Soundless Audio Playing Behavior to keep alive in Android Applications For Android applications,one way to keep alive in the background is to play soundless audio.To solve the problem that Android applications play soundless audio to keep alive in the background maliciously,occupy system resources or try to steal user's privacy,we propose a solution based on one class support vector machine(SVM).Because there exists normal soundless audio playing behavior to keep alive in the background in Android applications,in order to distinguish them,we motify Android system to collect audio data and sensor data,and use one class SVM combining audio data and sensor data to detect this behavior.The true-negative rate in the experiment is 96%.2.Automatically Detecting Privacy Misuse in Android Applications In order to solve the problem that malicious applications misuse users'privacy data,we implement a model to detect malicious privacy data usage based on be-havior similarity contrast in Android applications.We use dynamic detection technology to obtain the relevant information when Android application is run-ning.By comparing the similarity of privacy data usage in applications in the same category,the model can judge whether the privacy data usage is malicious.The average true-negative rate for each category in the experiment is over 90%.