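Research on Multi-Dimensional Detection Techniques for Obfuscated Malicious Applications on Android Mobile Terminals
Topics: Android system + permission combinations; Source: Beijing University of Posts and Telecommunications, 2016 master's thesis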
[Abstract]: Detecting malicious applications on Android has long been a focus of mobile terminal security research. As protection techniques such as code obfuscation come into use, malicious applications become harder to detect. At the same time, most end users ignore the permissions an application requests, which lets malicious applications spread more freely. To address Android security protection at its root, the academic community has studied malware detection in depth. Current detection of Android malicious applications mainly targets application behavior, and most studies extract features from only a single data source, so detection results are not satisfactory. An effective detection scheme is therefore urgently needed to inspect and analyze applications and help end users find those that may cause security problems. Proposing an accurate and fast malicious application detection scheme for Android requires answering the following questions: How can existing methods be used and improved so that the design is better suited to computation on the mobile device? How can the influence of code protection techniques such as obfuscation be avoided as far as possible, so that the malicious features of Android applications can be extracted, analyzed and studied? How can features be quantified in order to measure how malicious an application is? In response to these questions, the main work of this thesis is as follows:
First, the thesis studies in detail the Android security mechanism, its important components, the Kirin protection policy and the Apex framework, analyzes the operating principles and development trends of mobile malicious applications, and reviews the current mainstream Android malicious application detection methods.
Second, by analyzing all permissions on today's Android system and studying the correlation between them, it derives the related permission combinations that may leak user or terminal information and thereby cause system security problems. By testing against a set of market applications, each combination is assigned a weight that expresses its degree of danger.
Third, drawing on the study of the protection policy and framework, it modifies PackageInstaller, the original Android installer, to strengthen the analysis of requested permissions by examining them in combination, and displays the detection result as a number and a level, so that users have a better sense and grasp of an application's potential threat and can make a reasonable judgment.
Fourth, repackaging has become the main way Android malicious applications are produced. We propose a method that effectively detects repackaged malicious applications based on the content features of representative files. This method not only resists the influence of obfuscation, but can also be used together with the related-permission detection method, further improving the accuracy of Android malicious application detection through multi-feature extraction.
[Degree-granting institution]: Beijing University of Posts and Telecommunications
[Degree level]: Master's
[Year degree granted]: 2016
[Classification number]: TP309; TP316
Article ID: 2098789
Article link: http://sikaile.net/kejilunwen/ruanjiangongchenglunwen/2098789.html