|
|
- 2018
基于AHP的安卓应用安全信用指数度量方法
|
Abstract:
在Android移动应用市场上,由于Android系统的高度开放性和广泛普及性,Android应用面临着被恶意注入、二次打包等严重安全风险。传统Android软件安全度量技术的度量精度可确定软件的安全等级,但无法满足软件信用精确度量和安全指数排序的现实需求。针对上述问题,该文通过对Android软件逆向分析,根据不同权限安全等级划分,给定安全范围内的安全系数,引入层次分析法(analytic hierarchy process,AHP)评估模型,对Android软件进行初步安全评分。同时结合Android软件的认证强度和第三方应用市场上的违规记录,再次使用AHP综合度量软件的最终安全信用指数。实验结果表明:该度量方法有效可行,可在精度允许的范围内,精确度量Android软件的安全信用指数。
Abstract:The openness and popularity of Android systems has resulted in, Android applications facing serious security risks such as malicious injection and re-packaging. The traditional measurement methods of Android software security can generally determine its security level for its security index measurement accuracy, but they cannot provide accurate software credit measurements and security index sorting. This paper assigns a safety coefficient to indicate the scope of security after a reverse analysis of the Android software for the security classification. Then, the analytic hierarchy process (AHP) evaluation model is used for a preliminary safety score of the Android software. Meanwhile, the Android software certification strength and the violation records in the external application market are used to calculate the final AHP security index twice. Tests show that this measurement method can accurately measure the security index of Android software products.
