Analysis And Detection Of Trojan Horse Under Android Platform

With the rapid development of the Internet industry and the improvement of electronic products technology,smart phones have not only brought convenience to people's life,but also become an indispensable part of life.Today,the application of the Android operating system in the market occupies a high proportion,people's lives are also inseparable from smart phones.At the same time,due to the open source nature of the Android system,developers can modify the original basic framework according to people's needs,but this is also the root cause of security risks.After the Android system is infected by trojans,it will perform corresponding malicious operations in the background through various hidden technologies,such as cost consumption,rogue behavior,privacy theft and malicious deduction of fees.Aiming at the problem of Trojan horse intrusion under Android platform,this paper designs a Trojan horse detection method under Android platform.In order to effectively reduce the frequency of Android system being infected by Trojan virus,to solve the problem fundamentally and maintain the security of network information,this paper designs a new Trojan detection method for Android platform.Firstly,this paper analyses the background of Trojan Horse Detection under Android platform and the current research situation at home and abroad.Secondly,the overall architecture of the Android platform system and its own unique security mechanism are studied to fully understand the hidden dangers of the security mechanism under the Android platform.In order to improve the security of the Android operating system and reduce the probability of the system being invaded by Trojan viruses,this paper studies the Trojan working principle,the behavior characteristics of the Trojan horse,the propagation mode of the Trojan horse,and analyzes the core Trojan detection technology under the current Android platform.On this basis,an Android platform Trojan detection scheme based on feature code detection is designed.This system combines the detection of the characteristic code with the detection of the sensitive permission in the application program,which can realize the effective detection of the unknown Trojan horse and make up the defect of the detection of the characteristic code Trojan horse.The system mainly includes two parts,namely the feature code scanning module and the sensitive authority classification detection module.First,the feature code scanning module is composed of a file scanning module and a signature matching module.The file scanning module parses the imported API file,and extracts the feature code and transmits it to the signature matching module to determine whether there is a Trojan.The sensitive permission classification detection module is mainly composed of a sensitive feature authority extraction module,a data preprocessing module and a classification detection module.The main function of the sensitive feature permission extraction module is to extract sensitive permissions in the file.The data preprocessing module filters the extracted sensitive permissions by the information gain algorithm and the chi-square verification algorithm,and the classification detection module uses the processed data.The naive Bayesian algorithm classifies whether there is an unknown Trojan,and warns if there is a Trojan.Finally,in order to test whether the Trojan detection system can achieve the desired effect,the performance test and integration test are carried out for each module of the Trojan detection system.The data analysis shows that this system can effectively detect the known or unknown trojans on the Android platform,and sensitive permission detection has played a certain role,reaching the expected effect of the design.