發(fā)布時間：2018-09-17 09:36

【摘要】：隨著智能手機的不斷普及,以及Android的快速發(fā)展,針對Android的惡意軟件、病毒等方面的安全事件也越來越頻繁。越來越多的惡意軟件、廣告被偽裝成為正規(guī)手機軟件從第三方平臺上被用戶下載安裝,隨后遠程控制用戶手機,竊取用戶的隱私甚至惡意扣費。然而,現(xiàn)有的Android應用惡意軟件檢測方法大多是基于行為的研究,在惡意軟件暴露之前,很多程序已經(jīng)對用戶造成了損失,不能滿足用戶需要,因此,研究Android應用靜態(tài)風險評估很有必要。論文工作主要研究通過靜態(tài)分析技術實現(xiàn)Android應用的風險評估。論文結合Android應用程序的結構和安全機制有關知識,分析和對比了Android平臺惡意軟件檢測相關技術,然后提出從源代碼出發(fā),利用Android靜態(tài)分析方法,對Android應用程序反編譯后的文件進行分析,從而提取權限特征,來有效地評估Android軟件中可能存在的惡意行為。論文工作的重點如下:(1)提出了一種基于惡意軟件分類的權限特征提取方法,并結合權限組合和機器學習分類方法去除冗余�；趷阂廛浖诸惖姆椒�,提取出能夠有效區(qū)分惡意軟件和正常軟件的十種權限特征屬性,根據(jù)它們彼此的相關性,對它們做了權限組合分類,從而達到去冗余的目的。此方法簡單高效,有一定的實際應用價值。(2)采用加權相似算法,對未知Android應用做風險評估。在傳統(tǒng)的Android應用安全檢測基礎之上,提出加權相似算法,通過靜態(tài)特征庫對比,針對有潛在風險的應用程序,給用戶提供安全提示。此方法相比較其他檢測方法而言,從源代碼角度出發(fā),無需實際運行Android應用程序,檢測時間較短,占用系統(tǒng)資源較少,成本低,可實際應用于Android應用風險評估。論文在收集了大量真實的正常軟件和惡意軟件樣本的基礎上進行實驗,實驗結果表明所設計的系統(tǒng)能夠對新上市的Android應用進行風險評估,系統(tǒng)穩(wěn)定,功能完善,滿足系統(tǒng)需求,達到了較好的效果�？偟膩碚f,本論文的研究結果對Android應用安全相關研究有著重要的參考價值。
[Abstract]:With the popularity of smart phones and the rapid development of Android, malicious software, viruses and other security incidents against Android are becoming more and more frequent. More and more malware ads are disguised as regular mobile phone software downloaded and installed from third-party platforms and then remotely controlled to steal users' privacy and even maliciously withhold fees. However, most of the existing malware detection methods for Android applications are based on behavior. Before malware is exposed, many programs have caused losses to users and can not meet the needs of users. It is necessary to study the static risk assessment of Android application. This paper mainly studies the risk assessment of Android application through static analysis technology. Based on the knowledge of Android application structure and security mechanism, this paper analyzes and compares the related technologies of malware detection in Android platform, and then puts forward a static analysis method based on Android, which is based on the source code. This paper analyzes the files of Android application after decompilation, and extracts the permission characteristics to evaluate the possible malicious behavior in Android software effectively. The main work of this paper is as follows: (1) A method of privilege feature extraction based on malware classification is proposed, which combines privilege combination with machine learning classification to remove redundancy. Based on the method of malware classification, ten kinds of privilege characteristic attributes which can effectively distinguish malware from normal software are extracted. According to their correlation, they are classified by combination of permissions, so as to achieve the purpose of eliminating redundancy. This method is simple and efficient, and has some practical application value. (2) using weighted similarity algorithm, the risk assessment of unknown Android applications is made. On the basis of traditional Android application security detection, a weighted similarity algorithm is proposed. Through static feature library comparison, the users are given security hints for potentially risky applications. Compared with other detection methods, this method can be applied to the risk assessment of Android applications because of its short detection time, less system resources and low cost, and no need to actually run Android application program from the point of view of source code. On the basis of collecting a large number of samples of real normal software and malware, the experiment results show that the designed system can evaluate the risk of the newly listed Android applications, and the system is stable, functional perfect, and meets the needs of the system. Good results have been achieved. In general, the results of this paper have important reference value for the research of Android application security.
【學位授予單位】：電子科技大學
【學位級別】：碩士
【學位授予年份】：2015
【分類號】：TP316;TP309

【參考文獻】

相關期刊論文 前1條

1 崔文明;余正州;任偉;;Android平臺下應用程序流量控制技術及其系統(tǒng)實現(xiàn)[J];信息網(wǎng)絡安全;2013年08期

相關碩士學位論文 前2條

1 劉磊;Android安全體系的分析[D];廣東工業(yè)大學;2013年

2 李根;Android系統(tǒng)惡意代碼檢測技術研究[D];哈爾濱工業(yè)大學;2014年

，

本文編號：2245462