| In recent years,the Android operating system has rapidly popularized and developed due to its open source,free and ease of use features.Its market share is over 80% and this system brings a lot of conveniences to people's lives.However,due to the open-source feature of the Android system and the lack of supervision on the third-party software market,Android malware spreads freely.The ecosystem of the Android system has not improved and has brought serious threats to users' property security.Therefore,the research on malware detection of Android platform is especially necessary to protect the privacy and property of users in Android platform.In this paper,we deeply studied the malware detecting technology on Android platform.The research work mainly includes:(1)We proposed an Android malware detecting method based on behaviors.Through the deployment of a monitoring framework of software API call behaviors on users' terminal,the hook technique is used to monitor the sensitive API call behavior of the target software to generate the real-time API access sequence and upload it to the server.The server constructs the software dynamic behavior features through analyzing the API access sequence of the software,classifies the software through the dynamic behavior models,and judges the legitimacy of the software behavior in real time.If necessary,the system will block software API access behaviors and notify the user at the same time.Based on users' feedback on malicious samples,the system will deal with the malware and prevent further harm caused by malicious software.(2)We came up with a lightweight malware detecting method of Android platform.According to different detecting requirements of malware,a two-phase Android malware detecting method is proposed.In the first phase,we use the static feature detecting model to detect malicious software quickly.According to the malwares with different features,we extract the features of software digital signature,software hash value,the permission information of software application and interface function of software invocation and use machine learning methods to build a classification model.In the second phase,aiming at the software whose software package was confused and was hardly judged by static analysis,in this paper,the dynamic features of software are obtained by simulating the dynamic behavior of software in Android simulator,and the dynamic feature detecting model is established.In order to achieve the lightweight characteristic,this paper uses feature selecting method to reduce the dimension of the feature space and to build a fast and efficient malicious detecting system.On the basis of the above research,this paper designed the modules on the server side and client side module of software malicious detecting system for Android platform and initially implemented the malware detecting system.We performed testing experiments.The experimental results show that the system has a higher accuracy and lower false alarm rate.The system can effectively solve the malware detecting problems of Android platform and reduce the adverse effects caused by malware on users. |
PDF Full Text Request