| The malicious code research of android platform is an important research direction of mobile security field.At present,it mainly involves with two detection methods: static detection and dynamic detection.Static detection has advantages of high speed and efficiency but confronts such countermoves as code encryption,code obfuscation,etc.Dynamic detection can immunize countermoves of static detection like code encryption,but it confronts such disadvantages as low detection speed,low code coverage,etc.This paper does considerable research work in both static detection and dynamic detection to meet the massive and industrialized detection need.In the part of static detection,this paper compiles a universal unpacker which can resist most of the code reinforcement methods in the market with a fast unpacking speed,thus substantially improving the accuracy and efficiency of static detection.In the part of dynamic detection,this paper innovatively brings forward honeypot system which greatly expands code coverage by creating honeypot to trigger malicious code.At last,in order to meet the industrialized detection need,this paper makes an optimization of the whole detection system and designs a stable,efficient and large-scale deployed system of detecting malicious code.The system designed in this paper has been practiced in a large Internet company and its operation result shows that this system can fully meet the need of industrialized and large-scale detection of malicious code. |
PDF Full Text Request