Android malicious code detection device and method based on dynamic activation and behavior monitoring

A malicious code detection and behavior technology, applied in the application security field of information security, can solve the problems of many security threats and damage to the interests of users, and achieve the effect of ensuring comprehensiveness and integrity

Inactive Publication Date: 2014-12-03
BEIJING SOFTSEC TECH
View PDF4 Cites 39 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

There are also many possible security threats in Android applications (including automatic networking in the background, automat

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Android malicious code detection device and method based on dynamic activation and behavior monitoring
  • Android malicious code detection device and method based on dynamic activation and behavior monitoring
  • Android malicious code detection device and method based on dynamic activation and behavior monitoring

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0032] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings.

[0033]The present invention is an Android malicious code detection device based on dynamic activation and behavior monitoring. The device controls the mobile phone terminal to automatically install and start the application for detection, and automatically activates the behavior of the application; at the same time, it monitors the mobile phone in real time during the entire process of application operation. The terminal includes information on file access, SMS sending, network connection and its flow, system resource occupation and hardware resource access, detects malicious behaviors performed by malicious code, and generates a detection report for the user to complete the dynamic behavior of the detected application detection.

[0034] see figure 1 , introduc...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

Disclosed is an android malicious code detection device and method based on dynamic activation and behavior monitoring. According to the device, behaviors of a cellphone terminal automatically installing and starting an application to be detected and automatically activating the application are controlled; meanwhile, during the whole running process of the application, information of the cellphone terminal, such as file access, short message sending, network connection, traffic, system resource usage and hardware resource access, is monitored in real time, malicious behaviors of malicious codes are detected, a detection report is generated and provided for a user, and behaviors of the application under detection are dynamically detected. The device comprises an application behavior dynamic activation module, an application behavior real-time monitoring module and a detection result analysis module. The device and the method have the innovative advantages that all control and interface operations are achieved for the application by a software interaction technology, all application behaviors are dynamically activated, all-function automatic monitoring and detection is achieved for the application on the premise of finishing self-functions, and detection can be comprehensive and complete.

Description

technical field [0001] The present invention relates to a detection technology of malicious behaviors of Android applications. Specifically, it relates to an Android malicious code detection device and method based on dynamic activation and behavior monitoring, and belongs to the technical field of application security in information security. Background technique [0002] At present, the detection and analysis technology for Android malicious applications has been studied for many years at home and abroad. Common detection tools include: DroidRange, TaintDroid and AppInspector, etc. The following are brief introductions to these tools: [0003] DroidRanger summarizes the behavior characteristics of ten known Android malware and two heuristic rules to detect unknown applications. This method can quickly detect known malicious behaviors, but it mostly uses manual analysis for new applications, so there is a certain lag in the detection results. [0004] TaintDroid is a syste...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/56
CPCG06F21/566
Inventor 徐国爱张淼
Owner BEIJING SOFTSEC TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap