Monitoring method for App behaviors in Android system

A technology for systems and behaviors, applied in instruments, electrical digital data processing, platform integrity maintenance, etc., can solve problems such as inability to intercept, and achieve strong security protection

Inactive Publication Date: 2016-08-10
北京鼎源科技有限公司
View PDF4 Cites 21 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At present, some security software on the market mostly monitor system calls at the application layer. For example, the open source Xposed framework is adopted by many security software. This method can only intercept system calls at the application layer.
And if the Trojan is implanted in the Native layer, in this case, the existing security software cannot intercept the Trojan behavior by calling the corresponding system

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Monitoring method for App behaviors in Android system
  • Monitoring method for App behaviors in Android system
  • Monitoring method for App behaviors in Android system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0027] Below in conjunction with accompanying drawing, further describe the present invention through embodiment, but do not limit the scope of the present invention in any way.

[0028] The invention provides a security kernel implementation method based on Android system App sensitive behavior monitoring, and realizes interception and monitoring of system calls of the entire Android system by adding a module in the Android kernel layer. Specifically, by writing your own Android kernel module, cross-compiling, and then loading the module into the Android system, by intercepting specific functions (such as functions for reading address book and other related information), the corresponding system calls are obtained. information. The system call information includes: the read process (which process reads it), etc. Then return the corresponding record information to the application layer to form a corresponding monitoring log file. The present invention comprises the steps:

...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a monitoring method for App behaviors in an Android system. The method comprises the steps as follows: firstly, writing a kernel module, and performing cross compilation by writing of own Android kernel module; secondly, loading the module into the Android system, and intercepting specific functions (such as functions for reading related information of address books and the like) to obtain corresponding system call information including information about reading through which process and the like; thirdly, returning the corresponding recorded information to an application layer and forming corresponding monitoring log files to achieve system calling interception and monitoring of the whole Android system. According to the monitoring method, monitoring can be performed on system calling generated in both the application layer and a Native layer, and compared with existing monitoring methods for the application layer, the monitoring method has the advantages that protection can be more thorough, and the security protective property on mobile phones is higher; users are enabled to know behaviors of installed software thoroughly, thereby being capable of discovering malicious acts of the software timely.

Description

technical field [0001] The invention relates to an Android system Application (App) software security technology, in particular to a method for monitoring App sensitive behaviors based on the Android system. Background technique [0002] Compared with traditional mobile phones, smart phones have richer functions and stronger data processing capabilities, and the Android system, which has developed rapidly in recent years, has the advantages of open source and strong portability. More and more mobile phones use the Android system as a mobile phone operation system. With the popularization of Android smart phones, more and more security problems exposed by Android smart phones. Therefore, how to protect the security of Android smartphones is a very important topic. [0003] There are a large number of apps available for download in the Android mobile phone market, and some apps are safe; some apps may be implanted with viruses and Trojan horses. Once users download and insta...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56
CPCG06F21/566
Inventor 文伟平
Owner 北京鼎源科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products