
Research on Sandbox-Based Android Malware Detection Technology (cited by: 7)

Malware detection technology research of Android platform based on sandbox
Abstract: With the rapid development of Internet and computer technology, obtaining resources and services has become faster and more convenient, but the accompanying security problems have become increasingly prominent. On widely used mobile terminals in particular, malware that steals information or maliciously runs up charges keeps emerging. Because of their limited resources and computing power, mobile terminals cannot run powerful antivirus software with high performance requirements. Starting from practice, this paper analyzes in depth the security needs of mobile terminals and the drawbacks of existing antivirus software, and proposes a sandbox-based malware detection technique that combines the mobile terminal and the cloud. The technique uses sandboxing based on dynamic analysis, which to some extent compensates for the shortcomings of traditional static analysis methods, while the sandbox's isolated environment protects the system from damage by malicious programs as it performs detection tasks. In addition, considering the limitations of mobile terminals and the reliability of the detection process, the mobile terminal performs preprocessing and then uses an efficient comparison algorithm for binary comparison; at the same time, the class bytecode files in the APK are uploaded over the network to the cloud, where the code is executed in a virtual machine for further detection, improving the reliability and efficiency of detection.
Author: Lin Xin (林鑫)
Affiliation: Nanjing University of Science and Technology
Source: Electronic Design Engineering (《电子设计工程》), 2016, No. 12, pp. 48-50, 53 (4 pages)
Keywords: sandbox; Android; malware detection; cloud computing