本文關(guān)鍵詞：Android安全研究進(jìn)展，由筆耕文化傳播整理發(fā)布。

Android安全研究進(jìn)展

軟件學(xué)報(bào)ISSN 1000-9825, CODEN RUXUEW

Journal of Software [doi: 10.13328/http://www.wenkuxiazai.comki.jos.004914]

©中國(guó)科學(xué)院軟件研究所版權(quán)所有. E-mail: jos@ http://www.wenkuxiazai.com Tel: +86-10-62562563

Android安全研究進(jìn)展

卿斯?jié)h1,2,3

1

2

3 (中國(guó)科學(xué)院 軟件研究所,北京 100190) (信息安全國(guó)家重點(diǎn)實(shí)驗(yàn)室(中國(guó)科學(xué)院 信息工程研究所),北京 100093) (北京大學(xué) 軟件與微電子學(xué)院,北京 102600)

通訊作者: 卿斯?jié)h, E-mail: qsihan@

摘 要: Android是目前最流行的智能手機(jī)軟件平臺(tái),報(bào)告稱,2014年,Android的銷售量占到全球份額81%的絕對(duì)優(yōu)勢(shì),首次達(dá)到10億部.其余如蘋果、微軟、黑莓與火狐等則遠(yuǎn)遠(yuǎn)落在后面.與此同時(shí),Android智能手機(jī)的日益流行也吸引了黑客,導(dǎo)致Android惡意軟件應(yīng)用的大量增加.從Android體系結(jié)構(gòu)、設(shè)計(jì)原則、安全機(jī)制、主要威脅、惡意軟件分類與檢測(cè)、靜態(tài)分析與動(dòng)態(tài)分析、機(jī)器學(xué)習(xí)方法、安全擴(kuò)展方案等多維角度,對(duì)Android安全的最新研究進(jìn)展進(jìn)行了總結(jié)與分析.

關(guān)鍵詞: Android;安全機(jī)制;惡意軟件;靜態(tài)分析與動(dòng)態(tài)分析;安全擴(kuò)展方案

中圖法分類號(hào): TP301 中文引用格式: 卿斯?jié)h. Android安全研究進(jìn)展.軟件學(xué)報(bào),2016.

英文引用格式: Qing SH. Research progress on Android security. Ruan Jian Xue Bao/Journal of Software, 2016 (in Chinese).

Research Progress on Android Security

QING Si-Han1,2,3

1

2(Institute of Software, The Chinese Academy of Sciences, Beijing 100190, China) (State Key Laboratory of Information Security (Institute of Information Engineering, The Chinese Academy of Sciences), Beijing 100093, (School of Software and Microelectronics, Peking University, Beijing 102600, China) China) 3

Abstract: Android is a modern and most popular software platform for smartphones. A report said that Android accounted for a huge 81% of all smartphones in 2014 and shipped over 1 billion units worldwide for the first time ever. Apple, Microsoft, Blackberry and Firefox trailed a long way behind. At the same time, increased popularity of the Android smartphones has attracted hackers, leading to massive increase of the Android malware applications. In this paper, we summarize and analyze the latest advances in Android security from multidimensional perspectives considering Android architecture, design principles, security mechanisms, major security threats, classification and detection of malware, static and dynamic analyses, machine learning approaches, and security extension proposals etc. Key words: Android; security mechanism; malware; static and dynamic analyses; security extension proposals

在智能移動(dòng)終端如火如荼發(fā)展的同時(shí),其安全態(tài)勢(shì)日益嚴(yán)峻.Alcatel Lucent旗下的Motive Security Labs發(fā)布的惡意軟件分析報(bào)告[1]指出,2014年,全球受惡意軟件感染的移動(dòng)設(shè)備為1 600萬臺(tái),占全部移動(dòng)設(shè)備的0.68%,同比增長(zhǎng)了25%,高于2013年的20%.圖1說明自2012年12月到2014年12月之間移動(dòng)設(shè)備感染率增 基金項(xiàng)目: 國(guó)家自然科學(xué)基金(61170282)

Foundation item: National Natural Science Foundation of China (61170282)

收稿時(shí)間: 2015-06-20; 修改時(shí)間: 2015-08-31; 采用時(shí)間: 2015-09-11; jos在線出版時(shí)間: 2015-10-16

CNKI網(wǎng)絡(luò)優(yōu)先出版: 2015-10-16 11:53:29,

  本文關(guān)鍵詞：Android安全研究進(jìn)展，由筆耕文化傳播整理發(fā)布。