Method for detecting Android malicious software based on program flow chart

A technology of program flow and detection method, applied in the fields of instruments, digital data processing, platform integrity maintenance, etc., can solve problems such as difficulty in preventing malware variants, and difficulty in taking effect of file signature-based solutions, and achieve a reduction in size. Effect

Inactive Publication Date: 2014-09-03
SOUTHEAST UNIV
View PDF3 Cites 25 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

But this solution is difficult to prevent variants of malware and different sample programs with the same malicious behavior
For example, after modifying part of the code of the malicious program, it is difficult for the scheme based on the file signature to take effect

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for detecting Android malicious software based on program flow chart
  • Method for detecting Android malicious software based on program flow chart
  • Method for detecting Android malicious software based on program flow chart

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0019] Below in conjunction with specific embodiment, further illustrate the present invention, should be understood that these embodiments are only used to illustrate the present invention and are not intended to limit the scope of the present invention, after having read the present invention, those skilled in the art will understand various equivalent forms of the present invention All modifications fall within the scope defined by the appended claims of the present application.

[0020] A kind of Android malicious software detection method based on program flow chart, its specific implementation flow chart is as follows figure 1 shown. Introduce the implementation steps of the present invention below in conjunction with zsone malicious software:

[0021] 1) Establishment of Malicious Behavior Feature Database

[0022] Step 1, extract the dex code file of the APK (SHA1:9458cfb51c90130938abcef7173c3f6d44a02720) application program;

[0023] Step 2. For the dex file extrac...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for detecting Android malicious software based on a program flow chart. Firstly, a basic block of an APK application program to be detected program is analyzed according to a smali file generated after decompilation, the flow chart of the program is obtained, a graph fingerprint formed by an API full-path hash coded value and the connecting relation of the coded value is taken as malicious behavior characteristics, and then on the basis of the subgraph isomorphism theory, behavior matching is performed on the malicious software. Compared with a traditional system for detecting the malicious software by utilizing a file signature scheme, the variant of the malicious software can be effectively recognized, and virus types which cannot be detected through signature schemes like the malicious code tampering scheme can be effectively resisted.

Description

technical field [0001] The invention relates to a method for detecting Android malicious software based on a program flowchart, and belongs to the technical field of mobile platform malicious software detection and the like. Background technique [0002] With the rapid development of the mobile Internet, smart mobile terminals have become an indispensable tool in people's life and work. Currently, Android has become a mainstream operating system for mobile terminals. The development of the scale of the mobile Internet and the growth of the market share of Android promote each other and jointly change people's mobile life. However, with the rapid development of mobile Internet and Android, various malicious software emerges in an endless stream, which seriously damages the vital interests of mobile terminal users and the healthy development of the Android application market. Therefore, the research and detection of Android platform malware has important theoretical value an...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56
CPCG06F21/561
Inventor 秦中元杨中云王志远吴伏宝徐倩怡游雁天吴颖真
Owner SOUTHEAST UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap