李响， 刘建毅^*

（  北京邮电大学计算机学院，北京 100876；  ）

摘要： Android操作系统作为近年来发展迅猛的移动设备智能操作系统，占据了智能手机操作系统的主流地位，Android应用资源极大丰富，应用的功能囊括了娱乐、办公、理财等各方面，深入人们的生活。Android应用安全的重要性问题日益突出，由于Android系统自身安全机制存在缺陷，Google对Android应用的发布审查力度不足，造成了Android平台的恶意应用的泛滥。为解决此问题，本文在传统Android权限检测方法的基础上，从Manifest文件中发现了Android组件（主要是activity）的统计信息对于应用类别的判别具有不可忽视的作用。本文从AndroidManifest文件中提取一种新的特征向量，该特征向量结合了Android应用的权限信息和组件信息。我们结合朴素贝叶斯分类算法，提出了一种基于AndroidManifest文件信息的恶意应用检测方法。通过实验，验证了本方法的适用性，结果表明本方法优于普通的基于权限信息的检测方法。
关键词： 信息安全；恶意应用检测；Android权限；Android组件；朴素贝叶斯

Li Xiang， Liu Jianyi^*

（  School of Computer Science, Beijing University of Posts and Telecommunications, Beijing 100876；  ）

Abstract： As one of the most developed Intelligent operating systems on mobile devices, Android has taken the most part of the cell phone market. A rapid increase in the number of mobile applications make them more and more relevant to people's daily lives than ever before. Due to Android's security mechanism and the validation lack of publishing Android apps , Android malware detection still remains to be a critical issue. To solve this problem, we promote a malware detection method based on AndroidManifest file in this paper. On the basis of permission detection, we discover that the statistics of the android component (especially activity) differs from malwares to benigns. We use AndroidManifest file to extract features which contain information on both permissions and components, and then combined with Bayesian Classification to detect unknown android applications. The experimental results show that the new method performance better than the traditional permission detection.

Tag：

点此返回栏目查看更多>>>参考论文