Method and system for detecting malicious application of Android system

A malicious application and Android system technology, applied in computer security devices, instruments, electrical digital data processing, etc., can solve problems that are difficult to popularize and apply, and achieve the effects of good usability, high accuracy, and reduced performance overhead

Inactive Publication Date: 2017-06-20
BEIJING UNIV OF POSTS & TELECOMM
View PDF3 Cites 32 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

TaintDroid proposes a system-level dynamic taint analysis tool, which realizes real-time monitoring of information flow of private data by marking sensitive information; however, the static detection method needs to continuously update the feature library of malicious applications, and can only identify known malicious applications
[0004] Dynamic det

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for detecting malicious application of Android system
  • Method and system for detecting malicious application of Android system
  • Method and system for detecting malicious application of Android system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0051] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be described in further detail below in conjunction with specific embodiments and with reference to the accompanying drawings.

[0052] Such as figure 1 Shown is a flow chart of an embodiment of the Android system malicious application detection method provided by the present invention, the detection method comprising:

[0053] Step 101, decompile the installation file of the application program through reverse engineering to obtain the permission feature;

[0054] Step 102, obtain the behavior record of the application program through the dynamic behavior capture technology, and match the behavior record with the defined behavior chain model to obtain the behavior feature;

[0055] Step 103, combining the behavior feature and the authority feature into a final feature;

[0056] Step 104, generating a feature data sample set from the final featur...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and a system for detecting a malicious application of an Android system. The method comprises the following steps: acquiring a privilege characteristic by a reverse engineering de-compilation application program; matching by a behavior chain model for dynamic behavior collection and definition, thereby acquiring a behavior characteristic; combining plentiful privilege characteristics with behavior characteristics, thereby generating a characteristic data sample set; adopting a machine learning algorithm for utilizing the characteristic data sample set to generate a classifier; and inputting the characteristics of an unknown application program to the classifier, thereby acquiring a conclusion indicating if the unknown application program belongs to the malicious application. The invention provides the behavior chain model on the basis of the reverse engineering and the dynamic behavior collection, and then the unknown application program is detected through the machine learning algorithm, so that the efficient recognition for the malicious application is realized, the accuracy is high and the detection method and system provided by the invention are high in efficiency, need not change the system source code and are high in availability.

Description

technical field [0001] The invention relates to the field of mobile Internet information security, in particular to a method and system for detecting malicious applications in an Android system. Background technique [0002] With the rapid popularization of smart phones, people have entered the era of mobile Internet. The publishing model based on the application store has become an important model of mobile applications, and the mobile application industry has grown rapidly. Because mobile applications can obtain a large amount of sensitive information from mobile terminals, and they can generate high profits through the mobile market and advertisers, mobile applications are frequently attacked by hackers, and mobile application security incidents occur frequently. The mixed third-party application market and the lack of centralized and effective security review for a large number of mobile applications have led to a large number of malicious mobile applications being rele...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/56
CPCG06F21/563
Inventor 刘元安范文浩桑耀辉吴帆张洪光
Owner BEIJING UNIV OF POSTS & TELECOMM
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap