
Android Malware Detection Research and Development

Cited by: 49
Abstract: In light of the deteriorating security situation on the popular Android platform, there is a pressing need to develop effective solutions for Android malware detection. To address this issue, Android malware was first systematically characterized from several aspects, including installation methods, activation mechanisms, and the nature of the malicious payloads carried. The characterization and evolution of Android malware form the foundation of malware detection. Given the resource-constrained mobile phone environment and Android's special programming paradigm, several analysis techniques for detecting malware have been proposed: permission analysis, static analysis and dynamic analysis. Malware detection solutions are primarily implemented using two methods: signature-based and heuristic-based. A wide range of Android malware detection works were then compared to evaluate the effectiveness of techniques for analyzing and identifying mobile malware. Finally, directions for future studies in this field were presented on the basis of an assessment of previous research.
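Source: Journal of Wuhan University (Natural Science Edition); indexed in CAS, CSCD, Peking University Core; 2015, No. 1, pp. 21-33 (13 pages)
Funding: Supported by the National Natural Science Foundation of China (61202387, 61202385, 61373168, 61103220), the China Postdoctoral Science Foundation (2012M510641), the Specialized Research Fund for the Doctoral Program of Higher Education (20120141110002), the Natural Science Foundation of Hubei Province (2011CDB456), and the Wuhan Chenguang Program (2012710367)
Keywords: Android; malware characterization; malware analysis; malware detection
About the author: Peng Guojun, male, associate professor, Ph.D.; research interests include malware detection, mobile smart terminal security, and electronic evidence. E-mail: guojpeng@whu.edu.cn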
