【摘要】：隨著Android手機(jī)的硬件性能和市場(chǎng)占有率不斷提升，越來越多的黑客將目光投向Android手機(jī)。目前，關(guān)于移動(dòng)終端安全問題的報(bào)告屢見不鮮，引起了研究學(xué)者的廣泛關(guān)注。本文深入研究基于Android平臺(tái)的可控僵尸網(wǎng)絡(luò)，掌握僵尸程序的實(shí)現(xiàn)方法和運(yùn)行機(jī)理，探討各類僵尸網(wǎng)絡(luò)的控制策略，為Android手機(jī)安全防護(hù)軟件提供一個(gè)攻擊平臺(tái)。 本文通過獨(dú)立隔離實(shí)驗(yàn)環(huán)境的建立、通信數(shù)據(jù)加密和僵尸程序自動(dòng)銷毀三種策略實(shí)現(xiàn)系統(tǒng)的可控性，保證系統(tǒng)的安全性和無危害性。 本文通過對(duì)已有惡意代碼的研究與分析，完成了載體應(yīng)用和僵尸程序兩個(gè)模塊，僵尸程序通過代碼混淆手段隱藏在作為載體應(yīng)用的課程管理系統(tǒng)中。僵尸程序具有獲取用戶信息、后臺(tái)發(fā)短信、后臺(tái)打電話、向指定IP發(fā)起DDOS攻擊和數(shù)據(jù)處理五個(gè)功能。其中，數(shù)據(jù)處理模塊包含用戶信息上傳和控制命令解析兩個(gè)子模塊。 本文以WEB服務(wù)器作為Android平臺(tái)可控僵尸網(wǎng)絡(luò)的控制端，采用具有異步交互訪問功能的Tornado作為服務(wù)器框架，實(shí)現(xiàn)了信息展示與命令發(fā)布、數(shù)據(jù)庫(kù)設(shè)計(jì)以及通信控制三大模塊。信息展示與命令發(fā)布模塊用于控制者登錄、受控手機(jī)信息顯示和可視化命令發(fā)布。數(shù)據(jù)庫(kù)模塊采用MongoDB以JSON格式對(duì)用戶信息和控制命令進(jìn)行存儲(chǔ)。通信控制模塊通過改進(jìn)基于HTTP協(xié)議的輪詢機(jī)制，實(shí)現(xiàn)控制命令發(fā)布。 測(cè)試結(jié)果表明，本系統(tǒng)的Android手機(jī)端和WEB控制端的各個(gè)功能模塊均可穩(wěn)定運(yùn)行，受控手機(jī)能夠根據(jù)控制命令執(zhí)行相關(guān)功能；含有僵尸程序的載體應(yīng)用在各版本Android手機(jī)的性能測(cè)試中也展示出了良好的性能；在真實(shí)環(huán)境下，系統(tǒng)也可以正常運(yùn)行，能夠達(dá)到預(yù)期的效果。
[Abstract]:With the increasing hardware performance and market share of Android phones, more and more hackers are turning their attention to Android phones. At present, the report on the security of mobile terminals is common and has attracted the attention of researchers. In this paper, the controllable botnet based on Android platform is deeply studied, the realization method and running mechanism of botnet are grasped, and the control strategy of various botnet is discussed, which provides an attack platform for Android mobile phone security protection software. This paper realizes the controllability of the system through the establishment of the independent isolation experimental environment, the encryption of communication data and the automatic destruction of the zombie program, so as to ensure the security and no harm of the system. In this paper, two modules of carrier application and zombie program are completed through the research and analysis of existing malicious code. Zombie program is hidden in the curriculum management system as carrier application by means of code confusion. Zombie programs have access to user information, background messaging, background phone calls, DDOS attacks to the designated IP and data processing five functions. The data processing module includes two sub-modules: user information upload and control command parsing. In this paper, the WEB server is used as the control end of the controllable botnet on the Android platform, and the Tornado with asynchronous interactive access function is used as the server framework. The three modules of information display and command release, database design and communication control are realized. Information display and command release module is used to control the login, controlled mobile phone information display and visual command release. The database module uses MongoDB to store user information and control commands in JSON format. By improving the polling mechanism based on HTTP protocol, the communication control module can issue control commands. The test results show that each function module of the Android mobile phone and the WEB control end of the system can run stably, and the controlled mobile phone can perform the related functions according to the control command. The carrier with zombie program also shows good performance in the performance test of each version of Android mobile phone. In the real environment, the system can also run normally and achieve the desired results.
【學(xué)位授予單位】：哈爾濱工業(yè)大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2014
【分類號(hào)】：TP393.08

【參考文獻(xiàn)】

相關(guān)期刊論文 前4條

1 張運(yùn)凱,王方偉,張玉清,馬建峰;蠕蟲病毒的傳播機(jī)制研究[J];計(jì)算機(jī)應(yīng)用研究;2005年04期

2 懷進(jìn)鵬;李沁;胡春明;;基于虛擬機(jī)的虛擬計(jì)算環(huán)境研究與設(shè)計(jì)[J];軟件學(xué)報(bào);2007年08期

3 曉岸;;冷觀斯諾登事件的三個(gè)角度[J];世界知識(shí);2013年13期

4 史創(chuàng)明,王立新;數(shù)字簽名及PKI技術(shù)原理與應(yīng)用[J];微計(jì)算機(jī)信息;2005年08期

，

本文編號(hào)：2399646