本文選題：Android系統(tǒng)　切入點：惡意代碼　出處：《山東師范大學》2017年碩士論文

【摘要】：當前移動網絡的快速發(fā)展,尤其是當前的3G和4G網絡的快速興起,移動設備日益成為人們生活工作中必不可少的工具。移動終端的普遍使用帶來了一系列的問題,特別是信息安全問題是目前最為關注的問題。移動通信終端設備的信息不受危害損失等問題時刻承受著考驗。Android系統(tǒng)以其開源的優(yōu)勢備受各個移動設備廠商的青睞,從第一部Android系統(tǒng)智能機發(fā)布,僅僅兩年的時間就占到了全球的48%的市場份額;到2016年4、5、6月份,Android系統(tǒng)手機在智能手機界已經達到了86.2%的比率。該比率遠遠把IOS(12.9%)、Windows Phone(0.6%)甩在后面。由此看見,Android系統(tǒng)的安全問題的重要性顯而易見。本文在世界各國學者研究基礎之上,結合當前的熱點技術,對Android系統(tǒng)惡意代碼檢測與防御技術進行進一步研究。文章之初對Android系統(tǒng)惡意代碼檢測防御技術研究現(xiàn)狀做了分析,分析了Android系統(tǒng)惡意代碼現(xiàn)狀與安全現(xiàn)狀,以及該領域的研究成果。對該領域研究的困難與挑戰(zhàn)分析說明。詳細分析了系統(tǒng)Android層次體系結構,及其體系結構下的安全機制做了深入的分析。對目前流行的機器學習學科加一介紹,分析了學習定義、特征選取標準、分類算法、小樣本統(tǒng)計理論等方面。最后根據(jù)Android系統(tǒng)惡意代碼特點,提出基于類別SVM的Android系統(tǒng)惡意代碼檢測與防御技術。論文對基于類別SVM的Android系統(tǒng)惡意代碼檢測與防御技術方面做了理論說明并給出實現(xiàn)方案。借用目前機器學習學科的優(yōu)勢,結合Android系統(tǒng)惡意代碼特點,選擇了SVM機器學習算法。根據(jù)同一類別中APP中的具有相同的一組特征,如果該類中某一APP出現(xiàn)的特征與該組特征集異常,可以預測該APP中有惡意代碼的存在。根據(jù)這一原理,進行方案設計,首先對Android系統(tǒng)APP進行人工干預分類,對數(shù)據(jù)進行反編譯,選取權限和API兩組特征集創(chuàng)建模型進行訓練,選取SVM分類算法進行分析,最后對數(shù)據(jù)模型進行相關的評估,最后得出提出的方案優(yōu)于其他的SVM機器學習檢測技術的結論,證明了該項技術的可行性。目前學術界還沒有系統(tǒng)的惡意APP樣例數(shù)據(jù)庫,本文的樣例來自各大APP商城與知名網站作為測試數(shù)據(jù),對相關的訓練模型進行了測試。經實驗評估驗證,基于類別SVM的Android系統(tǒng)惡意代碼檢測與防御技術性能較好。方案符合預期的效果。
[Abstract]:With the rapid development of mobile networks, especially the rapid rise of 3G and 4G networks, mobile devices have increasingly become an indispensable tool in people's lives and work. The widespread use of mobile terminals has brought a series of problems. Especially, the problem of information security is the most concerned issue at present. The problems such as the information of mobile communication terminal devices are not damaged by harm, and so on. Android system is favored by various mobile device manufacturers because of its advantage of open source. Since the release of the first Android smartphone, it has accounted for 48% of the global market in just two years. By the end of June 2016, Android phones had reached a rate of 86.2 percent in the smartphone world. This ratio is far behind the IOS12.9Windows phone 0.6. This shows the importance of the Android system's security problems. This paper is based on the research of scholars around the world. Combined with the current hot spot technology, this paper makes further research on the malicious code detection and defense technology of Android system. At the beginning of this paper, the present research status of malicious code detection and defense technology in Android system is analyzed. This paper analyzes the present situation and security status of malicious code in Android system, as well as the research results in this field, analyzes the difficulties and challenges in this field, and analyzes the Android hierarchy architecture of the system in detail. The security mechanism under its architecture is deeply analyzed. The current popular machine learning disciplines are introduced, and the learning definition, feature selection criteria, classification algorithms are analyzed. Finally, according to the characteristics of malicious code in Android system, This paper puts forward the malicious code detection and defense technology of Android system based on class SVM. This paper explains the malicious code detection and defense technology of Android system based on class SVM and gives the implementation scheme. Based on the characteristics of malicious code in Android system, a SVM machine learning algorithm is selected. According to the same set of features in APP in the same class, if a APP in this class appears an exception to the set of features, The existence of malicious code in the APP can be predicted. According to this principle, the scheme design is carried out. Firstly, the Android system APP is classified manually, the data is decompiled, the permission is selected and two groups of API feature sets are created to train the model. The SVM classification algorithm is selected to analyze, and the data model is evaluated. Finally, the conclusion is drawn that the proposed scheme is superior to other SVM machine learning detection techniques. The feasibility of this technique has been proved. At present, there is no systematic malicious APP sample database in academic circles. The samples in this paper come from various APP stores and famous websites as test data. The related training model is tested. The experimental results show that the malicious code detection and defense technology of Android system based on class SVM has good performance and the scheme is in line with the expected results.
【學位授予單位】：山東師范大學
【學位級別】：碩士
【學位授予年份】：2017
【分類號】：TP316;TP309

【參考文獻】

相關期刊論文 前10條

1 管飛詩;徐夫田;;基于類別SVM的Android系統(tǒng)惡意軟件檢測研究[J];科技風;2016年21期

2 管飛詩;徐夫田;;Android惡意軟件特性與進化分析研究[J];數(shù)字技術與應用;2016年05期

3 彭國軍;李晶雯;孫潤康;肖云倡;;Android惡意軟件檢測研究與進展[J];武漢大學學報(理學版);2015年01期

4 文偉平;梅瑞;寧戈;汪亮亮;;Android惡意軟件檢測技術分析和應用研究[J];通信學報;2014年08期

5 張玉清;王凱;楊歡;方U喚，

本文編號：1698802