Unlock instant, AI-driven research and patent intelligence for your innovation.

Method and system for detecting Android malicious application based on file access dynamic monitoring

A file access and malicious application technology, applied in the field of information security, can solve the problem that the method of Android malicious application software detection is not mature enough.

Inactive Publication Date: 2016-09-21
INST OF INFORMATION ENG CHINESE ACAD OF SCI
View PDF5 Cites 11 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] To sum up, Android applications play an important role in people's lives, but the detection method of Android malicious application software is not mature enough. Therefore, how to comprehensively and effectively detect Android malicious application software has become a challenge for researchers in the industry. new topics of interest

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for detecting Android malicious application based on file access dynamic monitoring
  • Method and system for detecting Android malicious application based on file access dynamic monitoring
  • Method and system for detecting Android malicious application based on file access dynamic monitoring

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0093] The technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the accompanying drawings in the embodiments of the present invention. It should be understood that the described embodiments are only some of the embodiments of the present invention, not all of them. example. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without making creative efforts belong to the protection scope of the present invention.

[0094] Such as figure 2 As shown, it is a schematic flowchart of a method for detecting Android malicious applications based on dynamic monitoring of file access according to an embodiment of the present invention. Now with examples, the method of the present invention is described in detail. The Android malicious application detection method based on file access dynamic monitoring of the present invention mainly involves the follo...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a method and a system for detecting Android malicious applications based on file access dynamic monitoring. The method comprises: using a dynamic loading kernel module to technically modify an Android kernel; clicking different assemblies of an application, collecting all file access operation in an operation process, to form an original file access recording INI and attribute values thereof; using a file access cycle as a unit to settle, to form a settled file PRE and attribute values thereof; customizing file access strategy sets S, Q, and U, S representing a no-time-sequence strategy set, Q representing a single-file time sequence strategy set, and U representing a multi-file time sequence strategy set, determining whether a sensitive behavior is triggered, and finally determining whether the application is a malicious application.

Description

technical field [0001] The invention relates to a dynamic detection method for Android malicious applications, specifically, a method for detecting malicious behaviors based on Linux kernel file access rules, and belongs to the technical field of information security. Background technique [0002] With the popularization of existing Android smart terminals, people's dependence on Android smart terminals is rapidly increasing, and terminal-based applications are becoming more diverse and more difficult to control. A large number of terminal software and applications also means a large number of security risks. Various attacks on terminal equipment have appeared since 2004. At present, the security threats and security risks faced by Android smart terminals mainly include three aspects: one is the loopholes of its own system and software; the other is malicious software (viruses, Trojan horses, etc.); Specific potential security risks include: personal privacy disclosure, per...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56
CPCG06F21/566G06F2221/034
Inventor 张妍王雅哲
Owner INST OF INFORMATION ENG CHINESE ACAD OF SCI