Android malicious software detection method based on method call graph

A malicious code detection and malicious technology, applied in the field of mobile Internet, can solve the problem that new unknown malware has no ability to detect and kill, and achieve the effect of improving identification and killing capabilities, security scanning and protection

Active Publication Date: 2013-12-25
XI AN JIAOTONG UNIV
View PDF5 Cites 27 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Existing malicious code detection technologies on the Android platform mostly use th

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Android malicious software detection method based on method call graph
  • Android malicious software detection method based on method call graph
  • Android malicious software detection method based on method call graph

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] The technical solution of the present invention will be described in detail below in conjunction with the accompanying drawings.

[0023] Such as figure 1 As shown, the present invention constructs Apk software heterogeneous method call graph, calibrates sensitive functions, and then implements location and family classification of Android malicious codes in a graph correlation manner. In a specific embodiment, the detection method specifically includes the following steps:

[0024] The first step is to collect malicious samples of Android software, conduct manual analysis, and extract sensitive functions.

[0025] The sensitive functions include seven categories: network, short message, phone, file operation, device operation, code execution, and geographic location. In one embodiment, the sensitive functions have a total of 31 sensitive api function interfaces, as shown in Table 1.

[0026] Table 1 Sensitive functions and examples of sensitive receivers

[0027] ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an Android malicious software detection method based on a method call graph. A heterogeneous method call graph for constructing Android application Apk software is adopted, a sensitivity function is calibrated, and malicious codes are subjected to location and family classification by using the connectivity of the graph. The specific flow comprises the following steps: scanning the connectivity of the graph on the heterogeneous method call graph to obtain each sub-graph; grading the sensitivity function of each sub-graph, wherein the sub-graphs surpassing a threshold value are determined as malicious code modules, and similar malicious code sub-graph structures in different Android software are determined as malicious code families. According to the Android malicious software detection method, unknown malicious software can be found heuristically, families of the unknown malicious software are calibrated, and safe scanning and protection are provided for broad Android third-party markets and personal users.

Description

technical field [0001] The invention relates to the technical field of mobile Internet, and mainly relates to a method for detecting malicious codes on an Android system. Background technique [0002] With the rapid development of smart phones, the Android platform has gradually become the largest mobile terminal platform in the world. Its products cover set-top boxes, mobile phones, tablets, and various smart terminals, affecting people's lives from all angles. Moreover, the functions of these smart terminals are becoming more and more powerful, including voice calls, data services, NFC near field communication, etc. Android smart terminals have deeply entered the lives of each of us, including payment services, life services, map services, entertainment services, and personal information services. Under such circumstances, the security issue on the Android platform has gradually become a problem that has to be paid attention to. [0003] According to the latest data from...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/56
Inventor 陶敬周文瑜胡文君赵双马小博
Owner XI AN JIAOTONG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap