Behavior status switching mode identification method of application program for Android-based smart phone

An application program, smartphone technology, applied in special data processing applications, telephone communications, instruments, etc., can solve the problems of inability to effectively detect security risks, detection technology can not identify whether the application is infected with viruses, etc., to achieve the detection of security risks. Effect

Inactive Publication Date: 2012-08-22
HARBIN INST OF TECH
View PDF2 Cites 13 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The present invention aims to solve the problem that the existing technology for detecting the application behavior pattern on the Android platform cannot identify whether the application is infected with a virus, and cannot effectively detect malicious hidden safety hazards, and proposes an application based on an Android smart phone. Pattern Recognition Method of Program Behavior State Transition

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Behavior status switching mode identification method of application program for Android-based smart phone
  • Behavior status switching mode identification method of application program for Android-based smart phone
  • Behavior status switching mode identification method of application program for Android-based smart phone

Examples

Experimental program
Comparison scheme
Effect test

specific Embodiment approach 1

[0011] Specific implementation mode 1. Combination figure 1 Illustrate this embodiment, the application program behavior state conversion pattern recognition method based on Android smart phone, its concrete method is:

[0012] Step 1. According to the time interval, the system monitoring module intercepts the system state, filters and converts the intercepted information, and records the generated composite state sequence, and then sends the composite state sequence to the data center module;

[0013] Step 2. The behavior learning module reads the sequence to be learned and the initial model from the data center module. After repeated learning, and ends with a certain convergence standard, the learning result is stored in the data center module. The learning result is the class the applied HMM;

[0014] Step 3. The behavior detection module sets the detection strategy according to the application type to be detected. If it is a known type of application, select the correspon...

specific Embodiment approach 2

[0015] Specific embodiment two, combine figure 1 This embodiment is described. The difference between this embodiment and the first embodiment is that the system monitoring module described in step 1 uses the interactive control module to configure monitoring parameters and control the operation of each module of the system.

[0016] In this embodiment, the interactive control module 5 is used to configure some monitoring parameters, and controls the operation of each module of the system, such as the user can open the SMS (Short Messaging Service) application program to perform some operations, and start the system monitoring module to intercept SMS in the background behavior status information, and combine the information to form the original composite state U. The user can also repeat this process to monitor the running behavior of multiple SMS programs. These applications must all be SMS-type applications with normal application behavior, namely They have relatively consis...

specific Embodiment approach 3

[0017] Specific embodiment three, combine figure 2 Describe this implementation mode, the difference between this implementation mode and specific implementation mode 1 is that the specific process of the step 1 is:

[0018] Step 1.1, start the system monitoring module, and the user sets the monitoring parameters: start the monitoring component, and monitor the status of the system when the monitoring application is running; set the monitoring parameters, including the time parameter of the monitoring time interval and the application name;

[0019] Step 1.2, determine whether to continue monitoring, if yes, then perform step 1.3, if not, generate an observation sequence and synchronize it to the data center module;

[0020] Step 1.3. Obtain the system state information corresponding to the monitored application: including the elements that make up the composite state, the stack top component type, the current state of the application, and the CPU and memory consumption of th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a behavior status switching mode identification method of an application program for an Android-based smart phone and belongs to the field of phone safety. The invention particularly relates to a behavior status switching mode identification method of an application program, in order to solve the problems that whether application is infected with a virus can not be detected out in the prior art and hidden potential safety hazards can not be effectively detected. The identification method comprises the following processes: a system monitoring module intercepts, filters and switches a status, records a generated composite status sequence and sends the composite status sequence into a data center module; a behavior learning module reads a sequence to be learned and an initial model, repeated learning is finished by the convergence criteria, and the result is stored in the data center module; and a detection strategy is set by a behavior detecting module, if application is a known type, an HMM (Hidden Markov Model) is selected for carrying out once complete evaluation; and if the application is an unknown type, whether an unsafe behavior exists is detected, all HMMs representing malicious behaviors are utilized for carrying out complete evaluation for multiple times, and then a result is output. The identification method is used for safety detection of the smart phone.

Description

technical field [0001] The invention belongs to the field of mobile phone security, and in particular relates to an application program behavior state transition pattern recognition method based on an Android smart phone. Background technique [0002] The characteristics of mobile phones, a special mobile device, have brought many obstacles to the security of mobile phones. The limitations of computing power, storage capacity, battery supply capacity, and network interconnection capacity have all imposed limitations on traditional technologies, especially from traditional PCs (personal computers, personal computers). Adapting measures to local conditions on smartphones from technology borrowed from computers) has brought difficulties. For example, detection based on feature code matching, due to the computing power and storage capacity of smartphones, tasks can only be processed in a distributed manner, which in turn will be restricted by network interconnection capabilities...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04M1/725G06F17/30
Inventor 牛夏牧韩琦石振锋李琼王莘
Owner HARBIN INST OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap