Research On Android Application Vulnerability Detection Technology Based On Reverse Engineering And Machine Learning

With the rapid development of mobile Internet,mobile devices have become a necessity in every aspect of people's life.As Android's share of the market has grown,so far,its users have accounted for more than half of it.Android-based applications have become an integral part of people's lives,attracting a large number of developers to develop and launch their own applications.However,because the Android system security mechanism is imperfect,developers,safety consciousness and so on reasons,and many applications store the lack of effective leak detection measures,such as led to a number of Android application vulnerabilities has been no repair and improvement from development to launch,making many attackers enter,brought a lot of damage to the user and platforms.Therefore,how to effectively detect the vulnerabilities of Android applications has become an urgent matter for today's Android platform.Currently,vulnerability detection methods for Android applications can be divided into three types: static vulnerability detection,dynamic vulnerability detection and mixed vulnerability detection.In recent years,the field of Android application vulnerability detection has developed rapidly,but the existing Android application vulnerability detection methods still have many shortcomings,such as low efficiency,incomplete detection and low precision.This thesis proposes an Android vulnerability detection method based on reverse engineering and machine learning,taking dynamic loading vulnerability as an example.This method makes the efficiency of vulnerability detection more comprehensive and effective.Around this method,the following work is done in this thesis:(1)The system structure,application structure and security mechanism of Android are deeply studied.The existing relatively mature Android application vulnerability detection methods are introduced in detail.(2)This thesis studies the data loss caused by the existing de-hulling technology andproposes a solution based on memory Dump.(3)Aiming at the problem of low detection efficiency caused by the large original feature set extracted from Android applications,this paper improved the ReliefF feature screening algorithm to extract the original feature set,so as to improve the efficiency of vulnerability detection.(4)In terms of classifying vulnerabilities by machine learning,there are multiple implementation forms of one type of vulnerability and different vulnerability risk levels.Therefore,the traditional binary classification algorithm and the equal-cost multi-classification algorithm have limitations.Therefore,this thesis designs a multi-tag cost sensitive integrated learning classification algorithm to classify vulnerabilities.(5)The experimental results of the constructed detection scheme are carried out,and the coverage,hamming loss and subset precision rate are used as the experimental indexes.The experiments are carried out on the data set and compared with the existing detection schemes to verify the effectiveness of the scheme.