一种基于意图的安卓应用安全检测方法研究-《计算机技术与发展》

文章信息/Info

Title:: Research on a Method of Security Detection for Android Based on Intent

Author(s):: LIU Wei; Department of Mathematics and Computer,School of Foreign Trade and Business, Chongqing Normal University,Chongqing 401520,China

Keywords:: Android application; security detection; intent; permission; AndroDialysis

摘要:: 针对目前 Android 移动应用市场受感染应用逐渐增多,应用软件安全性普遍较低,恶意软件检测难等问题,首先对Android 应用的(显式和隐式)意图进行研究,接着对收集众多应用软件的权限和意图进行分析。通过对比 Android 应用权限发现,Android 应用意图信息是识别 Android 受感染应用程序的一个更有效的特性。然后研究了 AndroDialysis 框架利用意图检测恶意应用的方法和原理,最后通过对收集的 Android 应用意图信息进行实验,验证其有效性,实验达到了理想效果。如果将 Android 意图和安卓权限结合起来进行应用安全分析验证,则有可能进一步提高安卓应用的检测率。该研究能够为移动安全检测提供参考。

Abstract:: For the problem of increasing number of malware in current Android application market,the generally low security of application software and the difficulty in detecting malicious software,we first study the ( explicit and implicit) intent of Android application, and then analyze the permission and intent information from many Android applications we collect. By comparison,we discover that intent is an effective feature to identify the Android infected application. Then we study the methods and principles of the AndroDialysis framework which is used to malware detection by analysis of the Android intent. Finally we collect the Android application intent information and do experiments to verify its effectiveness,and the experiment achieves ideal results. If Android intent and Android permission are combined to security analysis and validation,it would further improve the detection rate of Android applications. This study can provide reference for Android malware application detection in future.