Research on security detection and risk rating of Android applications
Abstract
With the development of mobile Internet, mobile devices have gradually become the largest traffi c inlet of the Internet, and
Android devices with a large user base are the main force. With the continuous growth of the number and volume of Android applications,
security problems are also emerging. O n the one hand, due to the open source characteristics of the Android system, the decompilation
diffi culty of Android applications is relatively low, and many manufacturers have adopted reinforcement technology to protect the core
code of applications, so the reinforcement is also constantly developing, and the form is implemented through dynamic bytecode loading,
bytecode non-landing memory loading, class instruction extraction and other reinforcement technologies. Among them, the hybrid
reinforcement technology combining the latter two is more common. On the other hand, security threats in Android applications seriously
aff ect people’s information security. In view of the above problems, this paper proposes an application security detection device, including:
run module, used to run at least one target application; The malicious behavior detection module is used to detect whether there is malicious
behavior in the target application program. If the malicious behavior occurs when the target application program is running, the target
application program is added to the fi rst detection list. This method solves the technical problem that the security detection of the application
program is not comprehensive.
Android devices with a large user base are the main force. With the continuous growth of the number and volume of Android applications,
security problems are also emerging. O n the one hand, due to the open source characteristics of the Android system, the decompilation
diffi culty of Android applications is relatively low, and many manufacturers have adopted reinforcement technology to protect the core
code of applications, so the reinforcement is also constantly developing, and the form is implemented through dynamic bytecode loading,
bytecode non-landing memory loading, class instruction extraction and other reinforcement technologies. Among them, the hybrid
reinforcement technology combining the latter two is more common. On the other hand, security threats in Android applications seriously
aff ect people’s information security. In view of the above problems, this paper proposes an application security detection device, including:
run module, used to run at least one target application; The malicious behavior detection module is used to detect whether there is malicious
behavior in the target application program. If the malicious behavior occurs when the target application program is running, the target
application program is added to the fi rst detection list. This method solves the technical problem that the security detection of the application
program is not comprehensive.
Keywords
Application program; Security; detection
Full Text:
PDFReferences
[1] Lina Gu. Research on Power safety Guidance operating system based on Android [D]. Southeast University,2016.
[2] Yinan Yao,Shijun Zhai. Research on Vulnerability and Security Threat of Android Platform [J]. Mobile Communications,2015,39(11):34-38.
[3] Liping Ding. Security Analysis of Android Operating System [J]. Information Network Security,2012(3):28-31.
[4] Guowei Dong,Meilin Wang,Shuai Shao, et al. Feature matching based Android application vulnerability analysis framework [J] Journal of Tsinghua
University (Natural Science Edition),2016(5):461-467.
[5] Lu Chen,Yuanyuan Ma,Congcong Shi, et al. Research on static Analysis of Android Application Security Defects [J]. Computer Engineering and
Applications, 2018(4):117-121.
DOI: http://dx.doi.org/10.18686/modern-management-forum.v8i3.12665
Refbacks
- There are currently no refbacks.
