摘要
由于Android系统应用市场的特性导致恶意软件传播迅速,对用户的手机乃至个人隐私造成了十分巨大的危害。本文首先介绍了Android应用的逆向技术,然后分析了恶意代码采用的多种Android代码隐藏技术及隐私获取的代码特征。针对这些情况,本文基于Android的逆向工程提出了一种静态检测和动态检测相结合的恶意行为检测方法,可以更加有效的检测代码中的恶意行为。最后通过对Android样本应用的分析表明此方法的可行性与有效性。
The characteristics of application market for Android system would usually lead to the rapid spread of the malwares,thus cause tremendous harm to the user's mobile phone and personal privacy. Firstly,the reverse technology of Android application is described,and then the code- behind technology used by Android malwares and the code characteristics of privacy access are analyzed.In light of this,a malicious behavior detection method based on the reverse engineering of Android and in combination with static detection and dynamic detection is proposed,and this method could detect malicious behavior more effectively. Finally,the analysis of Android sample application indicates the feasiblility and effectiveness of this method.
出处
《信息安全与通信保密》
2015年第4期83-87,共5页
Information Security and Communications Privacy
基金
中国信息安全测评中心科研项目资助(No.CNITSEC-KY-2013-009/2)