基于静态分析的虚假安卓APP分析与检测被引量：2

Analysis and Detection of Fraud Android APPs based on Static Analysis

下载PDF

导出

摘要针对日益泛滥的虚假安卓APP,分析了安卓APP的多方面特征,设计并实现了一种基于静态分析的虚假安卓APP分析与检测系统。系统通过反编译安卓APK文件,分析并提取出包的信息和代码特征作为分类的特征向量,采用多种机器学习算法进行分类,并对其虚假程度进行分析与检测。通过实验对比不同机器学习算法在虚假安卓APP分类与检测的准确率,分析了不同机器学习算法的局限性。实验结果表明,该系统能够高效率、高准确率地检测虚假安卓APP。 Aiming at the proliferation of false android APP,various characteristics extracts packet information of the android APP are analyzed,the analysis and detection system of fraud android APP base n static analysis is designed and implemented.By decompiling android APK files,the system analyzes and extracts packet information and code features as the feature vectors of classification.A variety of machinelearning algorithms are used to classify and analyze the false degree.Experiment and comparison are done on the accuracy of different machine-learning algorithms in false android APP classification and detection,and the limitations of different machine-learning algorithms also analyzed.The experiment results indicate that this system could efficiently and accurately detect false android APP.

作者齐林刘功申孟魁蔡逆水 QI Lin;LIU Gong-shen;MENG Kui;CAI Ni-shui(School of Electronic Information and Electrical Engineering, Shanghai Jiaotong University, Shanghai 200240, China;State Engineering Laboratory for Mobile Internet System and Application Security,Shanghai 201315,China)

机构地区上海交通大学电子信息与电气工程学院移动互联网系统与应用安全国家工程实验室

出处《通信技术》 2017年第12期2840-2845,共6页 Communications Technology

关键词虚假APP 特征提取随机森林静态分析 fraud APP feature extraction random forest static analysis

分类号 TP391.3 [自动化与计算机技术—计算机应用技术]

引文网络
相关文献

参考文献7

1赵旺飞.移动智能终端APP发展趋势及面临的安全挑战[J].移动通信,2015,39(5):26-30. 被引量：13
2赛门铁克.互联网安全威胁报告[J].网管员世界,2006(4):115-116. 被引量：2
3李钢,王栋,李鲁湘,张晋民.移动智能终端的安全问题研究[J].信息通信技术,2014,8(2):26-32. 被引量：10
4胡全,莫秀良,王春东.基于Markov链模型的Android平台恶意APP检测研究[J].天津理工大学学报,2016,32(2):27-31. 被引量：3
5王玮.基于Android系统的恶意程序原理分析[J].信息网络安全,2012(10):71-76. 被引量：10
6秦玉海,候世恒,杨嵩.Android平台恶意APP的检验方法[J].中国刑警学院学报,2017(3):121-124. 被引量：3
7张海舰,方舟,陈新.基于深度学习技术的恶意APP检测方案[J].网络安全技术与应用,2017(3):108-108. 被引量：4

二级参考文献23

1田新广,高立志,张尔扬.新的基于机器学习的入侵检测方法[J].通信学报,2006,27(6):108-114. 被引量：15
2Google. Android Architecture [EB/OL]. http://developer.android. com/guide/basics/what-is-android.html, 2012-09-11.
3网秦.2011年第一季度全球Android手机安全报告[EB/OL].http://wwwnetqin.com/security/securityinfo.jsp?id.4043.2012-09-11.
4Google. Security and Permissions [EB/OL]. http://developer.android. com/guide/topics/security.html, 2012-09-11.
5Google. What is the NDK [EB/OL]. http://developer.android.com/ sdk/ndk/overview.html, 2012-09-11.
6Zovi, Dino Dai. Kernel Rootkits[J]. Sandia National Laboratories, 2001.
7Google. Android Interface Definition Language [EB/OL]. http:// developer.android.com/ guide/ developing/ tools/ aidl.hanl, 2012-09-11.
8Lucas Davi, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Marcel Winandy. Privilege Escalation Attacks on Android[l]. Ruhr-University Bochum, 2010.
9Christian Papathanasiou, Nicholas J. Percoco. This is Not the Droid you're looking for[J]. Trustwave, 2010.
10Joany Boutet, Lori Homsher. Malicious Android Applications: Risks and Exploitation[J]. SANS Institute, 2010.