Method and system for detecting malicious codes in android system and mobile terminal

A malicious code detection technology for the Android system, applied in the field of malicious code detection, with the effect of improving detection speed, occupying less memory, and reducing memory usage.

Active Publication Date: 2017-06-16
WUHAN ANTIY MOBILE SECURITY

AI Technical Summary

Problems solved by technology

[0004] Malicious code on the Android system is trending toward greater complexity. It uses more complex obfuscation and encryption methods, and the encryption usually relies on a custom algorithm, which poses great challenges to the static detection of malicious code. Malicious code encrypts its sensitive strings, executable code, and executable module files, so that existing static detection schemes cannot detect it effectively.


Examples


Embodiment Construction

[0042] To enable those skilled in the art to better understand the technical solutions in the embodiments of the present invention, and to make the above purposes, features and advantages of the present invention more obvious and easier to understand, the technical solutions of the present invention are described in further detail below in conjunction with the accompanying drawings.

[0043] The present invention provides a method embodiment of malicious code detection under the Android system, as shown in Figure 1, including:

[0044] S101: Perform format identification and parsing on executable files under the Android system, and determine the distribution position of the code blocks of each executable file in memory. This process supports format identification and parsing of various executable files, including executable files in APK, DEX, ELF, OAT and other formats;

[0045] It can be understood that the format recognition and parsing of execut...
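The format-identification step S101, sketched as an added example (this is not code from the patent or from its applicant): it classifies an in-memory file as APK, DEX, ELF or OAT from its magic bytes and reports where the code sits. The function names, the use of executable PT_LOAD segments and the DEX data section as the "code block" positions, the OAT heuristic, and the constructed sample bytes are all assumptions of this sketch.

```python
import io, re, struct, zipfile

def elf_exec_segments(buf):
    """(file_offset, size) of each executable PT_LOAD segment in an ELF image."""
    is64 = buf[4] == 2                         # EI_CLASS: 1 = ELF32, 2 = ELF64
    e = "<" if buf[5] == 1 else ">"            # EI_DATA: 1 = little-endian
    if is64:
        phoff, = struct.unpack_from(e + "Q", buf, 0x20)
        phentsize, phnum = struct.unpack_from(e + "HH", buf, 0x36)
    else:
        phoff, = struct.unpack_from(e + "I", buf, 0x1C)
        phentsize, phnum = struct.unpack_from(e + "HH", buf, 0x2A)
    segs = []
    for i in range(phnum):
        at = phoff + i * phentsize
        if at + (56 if is64 else 32) > len(buf):
            break                              # truncated or malformed header table
        if is64:
            p_type, p_flags, p_off, _, _, p_filesz = struct.unpack_from(e + "IIQQQQ", buf, at)
        else:
            p_type, p_off, _, _, p_filesz, _, p_flags = struct.unpack_from(e + "7I", buf, at)
        if p_type == 1 and p_flags & 1:        # PT_LOAD with PF_X set
            segs.append((p_off, p_filesz))
    return segs

def identify(buf):
    """Return (format, code_regions) for an in-memory Android executable."""
    if re.match(rb"dex\n\d{3}\0", buf) and len(buf) >= 0x70:
        data_size, data_off = struct.unpack_from("<II", buf, 0x68)
        return "DEX", [(data_off, data_size)]  # code_item structures live in the data section
    if buf[:4] == b"\x7fELF" and len(buf) >= 64:
        # Heuristic (assumption): an OAT file is an ELF that embeds an "oat\n" + version header
        kind = "OAT" if re.search(rb"oat\n\d{3}\0", buf) else "ELF"
        return kind, elf_exec_segments(buf)
    if buf[:4] == b"PK\x03\x04" and zipfile.is_zipfile(io.BytesIO(buf)):
        with zipfile.ZipFile(io.BytesIO(buf)) as z:
            if "AndroidManifest.xml" in z.namelist():
                # An APK carries its code in classes*.dex and lib/**/*.so members
                return "APK", [n for n in z.namelist()
                               if re.fullmatch(r"classes\d*\.dex|lib/.+\.so", n)]
    return "UNKNOWN", []

def sample_elf32():                            # constructed sample: one R+X PT_LOAD segment
    ehdr = b"\x7fELF\x01\x01\x01" + bytes(9) + struct.pack(
        "<HHIIIIIHHHHHH", 3, 40, 1, 0, 52, 0, 0, 52, 32, 1, 0, 0, 0)
    phdr = struct.pack("<8I", 1, 0x100, 0x100, 0x100, 0x40, 0x40, 5, 0x1000)
    return ehdr + phdr
```

For an APK the returned regions are member names; each of those members would be passed back through `identify` to locate its own code.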


Abstract

The invention provides a method and system for detecting malicious code in the Android system. First, each executable file in the Android system is identified and parsed, and the machine instructions of all the executable files are split. Virtual technology is then used to execute the machine instructions in simulation: the physical environment needed to run the instructions is simulated, and possible system calls and API calls are simulated. Sensitive information generated during simulated execution and simulated calls is monitored and recorded. Finally, the sensitive information is matched against the features in a rule base to judge whether any executable file contains malicious code. This overcomes the defects of existing static detection technology for malicious code in the Android system and allows malicious code in the Android system to be detected in depth. The invention further discloses a mobile terminal.

Description

[0001] Cross References to Related Applications

[0002] This application claims priority to Chinese patent application No. "201510889821.X", filed by Wuhan Antiy Information Technology Co., Ltd. on December 08, 2015, entitled "Virtual Technology-Based Malicious Code Detection Method and System under Android System".

Technical field

[0003] The present invention relates to the technical field of malicious code monitoring, in particular to a method and system for detecting malicious code under the Android system.

Background technique

[0004] Malicious code on the Android system is trending toward greater complexity. It uses more complex obfuscation and encryption methods, and the encryption usually relies on a custom algorithm, which poses great challenges to the static detection of malicious code. Malicious code encrypts its sensitive character strings, executable code, and executable module files, so that existing s...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): G06F21/56
Inventor: 潘宣辰潘博文雷刚武乔伟
Owner: WUHAN ANTIY MOBILE SECURITY