Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Quick filtering method for malicious application programs

A malicious application, application technology, applied in the field of application detection, can solve the problem of inability to filter applications quickly and efficiently, and achieve the effect of improving screening efficiency and reducing workload

Inactive Publication Date: 2013-01-09
UNIV OF SCI & TECH OF CHINA
View PDF1 Cites 19 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] It can be seen that the above-mentioned existing malicious program analysis methods all need complex analysis operations for each application program. Therefore, in the face of a large number of Android application programs, the corresponding analysis method cannot quickly and efficiently filter out obvious The purpose of applications without malicious behavior, thereby reducing the cost of later analysis of applications that may have malicious behavior

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Quick filtering method for malicious application programs
  • Quick filtering method for malicious application programs
  • Quick filtering method for malicious application programs

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0087] The fast filtering method of the malicious application program based on the Android system provided by this embodiment one mainly includes:

[0088] (1) Get AndroidManifest.xml

[0089] Specifically, you can use WinRAR software to decompress the encrypted AndroidManifest.xml file from the APK file, or you can use any other software that supports APK file format unpacking, such as WinZip, 7Zip, etc.;

[0090] Further, in this step, AXMLPrinter2.jar can be used to decrypt the encrypted AndroidManifest.xml file to obtain the unencrypted original AndroiManifest.xml file, or other decryption software such as APKTool.jar can be used to perform corresponding decryption operations .

[0091] (2) Obtain the permission list requested by the application

[0092] Specifically, the xml file parsing package in Java can be used to parse the permission description part in AndroidManifest.xml to obtain the permission list applied by the application program;

[0093] Of course, you ca...

Embodiment 2

[0108] In the second embodiment, the application program of Angry Birds Space (Angry Birds Space, ngryBirdsSpace v1.1.0.APK) is analyzed as an example, and the final conclusion is that the application program is safe. The specific analysis steps include:

[0109] (1) Get AndroidManifest.xml

[0110] That is, you can use WinRAR software to decompress the encrypted AndroidManifest.xml file from the AngryBirdsSpace v1.1.0.APK file;

[0111] Use AXMLPrinter2.jar to decrypt the encrypted AndroidManifest.xml file to obtain the non-encrypted original AndroiManifest.xml file.

[0112] (2) Get permission list

[0113] That is, you can use the xml file parsing package in Java to parse the permission description part in AndroidManifest.xml to obtain the list of permissions applied for by the application;

[0114] The obtained permission list contains a permission: android.permission.INTERNET.

[0115] (3) Detect dangerous permissions

[0116] Match the list of permissions obtained i...

Embodiment 3

[0139] The third embodiment is to analyze the application program Walk and Text (WalkandTextv1.3.7.APK), and finally conclude that the application may be unsafe. Specific steps include:

[0140] (1) Get AndroidManifest.xml

[0141] Use WinRAR software to decompress the encrypted AndroidManifest.xml file from the WalkandTextv1.3.7.APK file;

[0142] Use AXMLPrinter2.jar to decrypt the encrypted AndroidManifest.xml file to obtain the non-encrypted original AndroiManifest.xml file.

[0143] (2) Get permission list

[0144] Use the xml file parsing package in Java to parse the permission description part in AndroidManifest.xml to obtain the list of permissions applied for by the application, including:

[0145] android.permission.CAMERA,

[0146] com.android.vending.CHECK_LICENSE,

[0147] android.permission.ACCESS_FINE_LOCATION,

[0148] android.permission.ACCESS_COARSE_LOCATION,

[0149] android.permission.ACCESS_NETWORK_STATE,

[0150]android.permission.SEND_SMS,

[01...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a quick filtering method for malicious application programs. The method comprises the following steps of: acquiring right information applied by an application program; and matching the right information and right information recorded in a preset dangerous right library, and when the right information is successfully matched with the right information recorded in the preset dangerous right library, performing the malicious behavior screening operation of judging whether a function corresponding to the successfully matched right information is used by the application program on the successfully matched right information. According to the embodiment of the invention, application programs possibly with malicious behaviors can be quickly extracted from a great number of application programs, so that application programs obviously without the malicious behaviors can be filtered to reduce the workload of subsequent screening analysis and greatly improve the screening efficiency of the malicious application program.

Description

technical field [0001] The invention relates to application program detection technology, in particular to a fast filtering method for malicious application programs. Background technique [0002] The Android (Android) system, as a widely used open source smartphone operating system, has attracted a large number of application developers to develop applications based on the Android system. [0003] Since there is usually a large amount of user privacy information in smart phones, a large number of malicious applications are rushing in. Malicious applications in the Android system usually obtain private information on the user's mobile phone without explicitly prompting the user or without the user's permission, violating the legitimate rights and interests of the user. The main malicious behaviors of the corresponding malicious applications include: malicious fee deduction, privacy theft, remote control, malicious transmission, tariff consumption, system destruction, decept...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56
Inventor 程绍银蒋凡吴俊昌李子锋
Owner UNIV OF SCI & TECH OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com