Monitoring method for multi-level Android system malicious behaviors

A behavioral and malicious technology, applied in the direction of platform integrity maintenance, etc., can solve the problems of poor monitoring comprehensiveness, inability to analyze malicious code hidden behavior, etc., and achieve the effect of comprehensive analysis results

Inactive Publication Date: 2017-09-15
BEIJING INSTITUTE OF TECHNOLOGYGY
View PDF3 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] The purpose of the present invention is: in view of the problems such as the need to modify the system source code, the need to modify the monitored software, the poor monitoring comprehensiveness, and the inability to analyze the hidden behavior of malicious codes in the current malicious behavior monitoring method of the Android system, a method based on multi-level cross-view analysis is proposed. Android system malicious behavior monitoring method, the method can monitor malicious behavior on the basis of not modifying system source code and monitored software

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Monitoring method for multi-level Android system malicious behaviors
  • Monitoring method for multi-level Android system malicious behaviors
  • Monitoring method for multi-level Android system malicious behaviors

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0041] In order to better illustrate the purpose and advantages of the present invention, the implementation of the method of the present invention will be further described in detail below in conjunction with the accompanying drawings and practical examples. Here, the exemplary embodiments of the present invention and the description therein are used to explain the present invention, but not as a limitation to the present invention.

[0042] The implementation use case includes a smart phone, using Android system.

[0043] First link

[0044] The purpose of this link is to monitor the malicious behavior of the Java layer, use the Dalvik virtual machine interception technology to monitor the malicious behavior of the Java layer, and output a list of malicious behavior 1, as attached figure 1 Shown. The specific implementation steps are as follows:

[0045] Step 1.1, take the interceptKeyBeforeQueueing function that intercepts the member function in the PhoneWindowManager class for pr...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to monitoring for Android system malicious behaviors, and belongs to the technical field of computer and information science. Monitoring is implemented to system function calling in the Java layer, the Native layer and the Kernel layer of an Android system; while the malicious behaviors are prevented, a user is warned, and a log is recorded; the malicious behavior lists 1, 2 and 3 of each layer are output; and finally, through pairwise comparison of adjacent views, hidden behaviors (Java layer hidden behaviors and Native layer hidden behaviors) are analyzed, and a hidden behavior list is output. A process injection technology is adopted in the Java layer and the Native layer, and an LKM (Loadable Kernel Modules) technology is adopted in the Kernel layer.

Description

Technical field [0001] The invention relates to a method for monitoring malicious behaviors in an Android system, and belongs to the technical field of computer and information science. Background technique [0002] With the rapid popularization of smart phones, the mobile Internet has gradually become the mainstream Internet media for people. It is precisely because of its large number of users and the large and important amount of information transmitted on the mobile Internet. Therefore, the security of the mobile Internet has become the current mainstream security threat one. Among the current mobile smart platforms, Apple’s iOS system and Google’s Android system are the most mainstream smart phone operating systems. Among them, the Android system has the highest market share and has become the target of many malicious code attacks. The harm caused by malicious code is huge, not only causing huge economic losses to users, but also may leak key information such as users' priv...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56
Inventor 潘丽敏李师伟罗森林宋言言
Owner BEIJING INSTITUTE OF TECHNOLOGYGY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap