Method and system for testing malicious Android application programs

An application detection and application technology, applied in the direction of platform integrity maintenance, etc., can solve the problems of large manpower and material resources, unsuitable for large-scale and rapid security analysis, automatic analysis of false positives and high vulnerability rate, to ensure integrity, Effects of Simplifying Analysis Complexity, Improving Efficiency and Accuracy

Active Publication Date: 2013-06-05
INST OF SOFTWARE - CHINESE ACAD OF SCI
View PDF3 Cites 39 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The first method, the accuracy of manual analysis is higher, but requires strong professional knowledge, which consumes a lot of manpower and material re

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for testing malicious Android application programs
  • Method and system for testing malicious Android application programs
  • Method and system for testing malicious Android application programs

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0015] Such as figure 2 Shown is the implementation of the malicious Android application detection method in the most simplified mode. The specific implementation is as follows:

[0016] 1) Application behavior definition, the specific data uses the following format:

[0017]

[0018] Where page represents an operation interface of the application program, button represents a button on the operation interface, and function represents the function of the button on the operation interface. The specific functions are as follows:

[0019] #define 1 networking

[0020] #define 2 SMS

[0021] #define 3 access address book

[0022] #define 4 access sim card information

[0023] #define 5 access to multimedia data

[0024] #define 6 Executing the program

[0025] This part of the content is defined by the user assistance, that is, to define the functions of all buttons in an application.

[0026] 2) Execute the application.

[0027] In the controlled Android operating sys...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and a system for testing malicious Android application programs, and belongs to the technical field of computer software. The method includes the steps of a. dividing the untested application programs into a plurality of types, matching each button of the untested application program with one or more types of behavior and obtaining an application program button-behavior model, b. collecting application program information when button if a hardware imitator is pressed, recognizing the button corresponding to the current operation, and obtaining the operation behavior of the button according to the application program button-behavior model, c. collecting a bottom application program interface (API) calling sequence of the hardware imitator triggered by the current button and obtaining operation behavior corresponding to the button according to the API sequence, and d. comparing the operation behaviors confirmed by step b and step c, and identifying the untested application program as a malicious program when the operation behaviors are different. The method for testing the malicious Android application programs simplifies complexity of analysis and improves efficiency and accuracy of the analysis test greatly.

Description

technical field [0001] The invention mainly relates to malicious Android application program detection technology, more precisely, it is a malicious Android application program detection technology based on application program behavior and underlying API behavior analysis, and belongs to the technical field of computer software. Background technique [0002] With the continuous development of mobile networks, mobile phones have become an indispensable part of modern human life. The Android mobile phone operating system occupies half of the smart phones, and the shipment is growing at a rate of 500,000 units per day. Due to the diversity and complexity of smart phone functions, people are doing more and more work through mobile phones. They are no longer limited to sending text messages and making phone calls. They can also play games, surf the Internet, watch videos, listen to music, and shop, etc. The number of mobile phone applications has also grown explosively, and the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/56
Inventor 焦四辈苏璞睿应凌云杨轶
Owner INST OF SOFTWARE - CHINESE ACAD OF SCI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products