
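Research on an Automatic Analysis and Forensics Method for Android SMS Interception Trojans Based on Static and Dynamic Analysis (Cited by: 1)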

Android Malware Automatic Analysis and Evidence Collection Method Based on Static Analysis and Dynamic Analysis
Abstract: In the mobile Internet era, smart-terminal applications have become more widespread, but this has also brought threats such as mobile malware, which affect citizens' privacy and the safety of their property. Because of its own characteristics, the Android system has become the main target of malware attacks. Criminals use malware to obtain victims' private information and go on to commit theft, fraud and other crimes. Front-line investigators' command of Android malware analysis techniques needs to improve, and automated analysis and forensic tools are needed to help police find criminal leads, work more efficiently, and act against the whole chain of the crime. Based on an in-depth analysis of the code characteristics of SMS interception Trojans, we combine static and dynamic analysis techniques to automatically analyze samples and extract key information, providing leads for further forensics and source tracing.
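Authors: ZHANG Xuan, DU Qiang (Network Security and Law Enforcement of Investigation Department, Shandong Police College, Jinan 260014, China; Licheng Branch of Jinan Public Security Bureau, Jinan 250100, China)
Source: Computer Science (《计算机科学》), CSCD, Peking University Core Journal, 2016, Issue B12, pp. 30-34 (5 pages)
Funding: This work was supported by the Shandong Province Science and Technology Development Plan project "Research and Implementation of a Cloud Forensics System Based on Big Data Analysis" (2014GGX101004).
Keywords: Android, digital forensics, SMS interception trojan, static analysis, dynamic analysis
About the authors: ZHANG Xuan (born 1980), female, master's degree, lecturer; main research interests: electronic data forensics and cybercrime investigation; E-mail: zx@sdpc.edu.cn. DU Qiang (born 1972), male, engineer; main research interests: electronic data forensics and cybercrime investigation.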