摘要
针对Android平台的恶意代码分析建模一直是目前移动终端安全的研究重点,对目前常见的恶意代码进行归纳、分类和行为抽取,在对行为进行形式化描述的基础上,提出了一种基于有色Petri网(colored-Petri net,CPN)的恶意代码建模方法,使用该方法能够描述恶意代码从安装、加载到恶意执行的整个过程。最后对恶意软件Bean Bot进行建模,并利用CPN Tools仿真工具分析了模型的可达性和有界性等性质。实验表明该方法可以准确地刻画恶意代码的运行过程,有助于对恶意代码的机制进行深入分析。
Analysis and modeling of Android malware is the research emphasis of mobile terminal security. This paper summarizes and classifies the Android malwares, and extracts the behavior. On the basis of formal description of the behavior, this paper proposes a new modeling method of malwares based on colored-Petri net (CPN). The proposed method can help describe the whole process of malwares from installation, loading to malicious execution. Finally,this paper makes modeling for malware BeanBot, and analyzes the reachability and boundedness of the model via CPN Tools. The experimental data show that the proposed method can accurately describe the running process of malwares,and it will help analyze the mechanism of malwares in depth.
作者
李登辉
焦健
陈昕
宋亚鹏
肖庆
LI Denghui;JIAO Jian;CHEN Xin;SONG Yapeng;XIAO Qing(College of Computer Science and Technology, Beijing Information Science and Technology University, Beijing 100101, China;College of Historical Culture and Turism, Guangxi Normal University, Guilin, Guangxi 541001, China)
出处
《计算机科学与探索》
CSCD
北大核心
2017年第1期99-105,共7页
Journal of Frontiers of Computer Science and Technology
基金
国家自然科学基金
国家科技重大专项
国家科技支撑计划项目~~