摘要
随着Android系统在移动智能终端的应用越来越广,Android 系统的信息安全问题也日趋严重。尽管Android操作系统的进程采用了独立的虚拟内存空间保障其程序内核的可靠性,但由于应用程序各种事件之间的调用和关联,导致隐私数据泄露、程序越权操作、电池耗尽攻击、恶意进程交互等手机安全事件频繁涌现。因此Android恶意代码检测技术成为移动应用安全防护的一个研究热点。文章从Android恶意代码检测的应用需求和背景出发,概述了动态检测和静态检测方法、基于机器学习的智能检测方法、基于形式化的软件工程方法等各个方面的研究进展,最后提出了融合机器学习和软件工程方法的综合静态检测方法的研究方向,并分析了技术难点,可为学术研究和产品开发提供有价值的参考。
With the wide spread of Android-based mobile applications, the problem of information security in Android system is increasingly serious . Although Android operating system adopted independent virtual memory space to guarantee the reliability of its kernel , because of calls and association between various events in application , it will lead to private data leakage , unauthorized operation procedures, attacks to run out the battery , malicious processes interact and other mobile security events. Therefore , Android malware detection techniques become a hot topic in the domain of mobile application security. In this paper, the application requirements and environments for Android malware detection are firstly described, and then the diversity malware detection methods are surveyed which include dynamic and static methods, machine learning-based schemes, formal method-based software engineering techniques. Finally, the research direction to initiate a comprehensive static detection framework by integrating machine learning and software engineering is proposed, with some key challenges concomitantly analyzed, which can be valuable reference both for academic communities and industrial products.
出处
《信息网络安全》
2016年第9期218-222,共5页
Netinfo Security
基金
国家自然科学基金[U1509214]
浙江省自然科学基金[LY16F020035]
浙江省信息安全重点实验室开放课题[KF201603]
关键词
移动恶意代码
动态检测
静态检测
机器学习
模型检测
mobile malware
dynamic detection
static detection
machine learning
model checking
