| In recent years,the market share of the Android OS(operating system)has become larger and larger,gradually consolidating its dominance in the mobile operating system.In order to ensure the needs of a large user community,individual developers and application software developers are constantly pouring in,and Android application software is also increasing rapidly.Some lawless elements took advantage of malware to gain relevant benefits by obtaining user privacy and malicious deductions.Due to the immaturity of the application market detection technology,users will face the harm caused by malware every day.Therefore,the detection problem of Android application software is currently concerned by major security platforms and application markets,and this issue has become a hot issue in academic research.At present,in the detection technology of Android malware,most of them are static detection technology and dynamic detection technology.Static detection technology does not require the actual execution of the program,and there is a problem of a high false positive rate.The dynamic detection technology requires the actual operation of the program,and there is a problem that the false negative rate is high and the execution efficiency is low.Therefore,in view of the high false positive rate of static detection methods and the low efficiency of dynamic detection methods,this paper proposes a static and dynamic combined malware detection method,which aims to combine the advantages of static detection and dynamic detection.Wherever,the efficiency of detection is improved while reducing the false alarm rate.Aiming at the problem of high false positive rate of static detection,this paper proposes a static and dynamic malware detection method,which reduces the false positive rate of detection by dynamically detecting the execution of the application after static detection.Aiming at the problem of low static detection efficiency,this paper proposes a data preprocessing method based on malicious privilege combination to mark the smudge data by malicious privilege to reduce the time consumption of taint data analysis.Aiming at the low efficiency of dynamic detection process detection,this paper proposes a test script file generation method,which combines static detection result data and script logic to generate script files that can be automatically executed,and reduces the interface click event of dynamic detection execution.Thereby reducing the time consumption of dynamic detection.To verify the feasibility of the model,the sample data set selected during the experiment was derived from the VirusShare malicious sample library and the Google Play Store Google Official App Store.This experiment verifies the feasibility and effectiveness of the model by comparing it with the static detection model and the dynamic detection model. |
PDF Full Text Request