摘要
多数Android应用需要通过连入互联网与外界进行通信,所有与网络相关的活动都涉及网络流量,通过分析建模Android应用的网络流量,可以一定程度上掌握Android应用的网络行为。因此,设计了一个事件驱动的网络行为自动检测系统DroidBet,来对Android应用进行自动测试评估。首先,建立一个场景模拟事件库,用来模拟应用程序运行过程中可能执行的事件,从而尽可能地触发应用程序的网络行为;然后,自动生成基于状态转移分析方法的测试序列,同时对应用程序测试过程中的网络行为进行动态收集;最后,采用机器学习方法对收集到的网络行为进行学习、训练,生成基于BP神经网络的网络行为模型,实现对未知的Android应用的行为检测。实验结果表明,DroidBet能够有效地触发并提取应用程序的网络行为,并具有准确度高、系统资源开销低等优点。
The most Android applications connect to Internet to communicate with the outside world. Applications' net- work-related activities were reflected and described with network traffic. By analyzing and modeling network traffic of Android applications, network behaviors of Android applications could be subsequently characterized. Therefore, Droid- Bet: an event-driven network behavior automatic detection system was presented, to test and evaluate Android applica- tions automatically. Firstly, a scenario simulation event library was built to simulate the events that applications may be executed in the process, so as to trigger the network behavior of the application as much as possible. Then, the test se- quence based on the state transition analysis method was automatically generated, and the network behavior was dynam- ically collected during the application testing process. Finally, the machine learning method was used to learn and train the collected network behavior, and the network behavior model based on BP neural network was generated to detect the behavior of the unknown Android application. The experimental results show that DroidBet can effectively trigger and extract the network behavior of the application, which has the advantages of high accuracy and low resource cost.
出处
《通信学报》
EI
CSCD
北大核心
2017年第5期84-95,共12页
Journal on Communications
基金
国家自然科学基金资助项目(No.61472189)~~
