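Affiliation: [1] School of Computer and Information Technology, Beijing Jiaotong University, Beijing 100044
Source: Netinfo Security (《信息网络安全》), 2015, No. 10, pp. 66-73 (8 pages)
Funding: National Natural Science Foundation of China [61303245]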
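Abstract: With the rise of the mobile Internet in recent years, smartphones have developed rapidly. Because Android is open source, malware on the Android platform is increasing steadily and is characterized by large volume, rapid spread, and many variants. This paper proposes a strategy and method for detecting and guarding against Android malware. First, the permissions of a large number of benign Android applications and malware samples are extracted by static analysis. The sample results are then tallied to compare the permissions requested by benign applications with those requested by malware, focusing on the differences among the permissions requested most frequently by each. The statistics show that malware and benign software emphasize different permissions in many respects. Finally, the concept of information gain is introduced to study how much each permission influences the likelihood that an application is judged to be malware, and application permissions are graded and scored accordingly, forming a reliable and effective security evaluation mechanism. Experiments show that the method can effectively detect and guard against malware and thus better protect Android phones.

English abstract (as published): In recent years, Android smart phones have developed rapidly, along with increasingly developed software on the Android platform. However, due to Android's open source property, malware is growing on the Android platform. Currently, a large amount of malicious software has spread rapidly. Therefore, it is a must to protect Android smart phones. The main work of this paper is as follows: first, extract a large number of permissions from normal applications as well as malicious applications through static analysis. Secondly, draw histograms based on the permissions to show which permissions are most important. We pay much attention to finding out which permission is most frequent between benign applications and malware. The statistical results reflect that there are many different priorities between benign applications and malware. Lastly, we rely on the information gain concept to estimate the risk that an application is malware. We rank permissions based on information gain. In this way we form an effective and safe assessment mechanism. This paper provides a method for detecting malware. Through experimental results, the method has the opportunity to become a malware detection and prevention mechanism to better protect Android phones.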
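Keywords: Android; malware protection; permission extraction; static analysis
Classification: TP309 [Automation and Computer Technology: Computer System Architecture]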