| 基于Android的木马检测引擎的研究与实现 |
| |
| 引用本文: | 夏彬,邱峰.基于Android的木马检测引擎的研究与实现[J].电信科学,2016,32(10):36-41. |
| |
| 作者姓名: | 夏彬 邱峰 |
| |
| 作者单位: | 中国科学院信息工程研究所,北京100093 |
| |
| 基金项目: | 中国科学院战略性先导科技专项(A类)重点行业应用系统信息安防关键技术研究子课题 |
| |
| 摘 要: | 近几年来,Android手机木马病毒发展迅速,Android手机安全问题成为大家关注的焦点,基于Android的木马检测引擎的研究与实现变得日益迫切。为此,提出了一套特征码提取检测算法(FCPA),FCPA通过调用Android系统库函数获取恶意文件的源路径,利用源路径找到相应文件并对文件进行散列处理,获取文件特征信息,生成一个唯一标识该木马病毒的特征值,然后构建特征码库。同时,设计并实现了木马检测引擎,其利用特征码提取算法快速扫描并检测出手机应用程序中的恶意程序。实验结果表明,该木马检测引擎能够有效检测恶意应用。
|
| 关 键 词: | Android 木马检测引擎 特征码 |
Research and realization of the Trojan detection engine based on Android |
| |
| Bin XIA,Feng QIU.Research and realization of the Trojan detection engine based on Android[J].Telecommunications Science,2016,32(10):36-41. |
| |
| Authors: | Bin XIA Feng QIU |
| |
| Affiliation: | Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China |
| |
| Abstract: | During recent years, Trojan viruses on Android systems have greatly evolved, and the frequent security breach of Android systems is rapidly becoming a great concern of contemporary cyber security. The study of Trojan virus detection on Android engine and the application of its outcome has become increasingly significant. A feature code detection algorithm called FCPA got the sourceDir of the known malicious APK files through calling system API. It uses hash algorithm to process these files in order to get the feature information of the files so that the eigenvalue could got which could identify Trojan uniquely. The feature code library was composed of these eigenvalues. The Trojan detection engine called TDE, with the assistance of this feature code library, would be able to take out a quick scan among the files in the cell phone and detect malicious programs in mobile applications. Finally, the designed Trojan detection engine provided a secure environment for the user of the phone. |
| |
| Keywords: | Android Trojan detection engine feature code |
|
| 点击此处可从《电信科学》浏览原始摘要信息 |
|
点击此处可从《电信科学》下载全文 |
