全部 标题 作者
关键词 摘要

OALib Journal期刊
ISSN: 2333-9721
费用:99美元

查看量下载量

相关文章

更多...
-  2015 

一种易部署的Android APP动态行为监控方法
An easy-to-deploy behavior monitoring scheme for Android applications

DOI: 10.7523/j.issn.2095-6134.2015.05.016

Keywords: Android APP,行为监控,Dalvik劫持,动态注入
Android APP
,behavior monitoring,Dalvik hijacking,dynamic instrumentation

Full-Text   Cite this paper   Add to My Lib

Abstract:

摘要 Android平台目前已经成为恶意代码攻击的首要目标,超过90%的Android 恶意代码以APP的形式被加载到用户设备.因此,监控APP行为成为对抗Android恶意代码攻击的重要手段.然而,已有的监控手段依赖于对Android系统底层代码的修改.由于不同OEM厂商对Android系统的严重定制,直接改动商用Android系统的底层代码很难由第三方人员部署到用户设备.本文在分析Android进程模型和代码执行特点的基础上,提出一种在应用层实现的程序行为监控方案,通过动态劫持Android虚拟机解释器的方法,实现对应用程序代码执行情况的全面监控.由于不直接对Android系统源码进行任何改动,该方案可以灵活、快速地部署在不同型号、不同版本的Android移动终端上.通过对原型系统的实现和测试,发现该系统易于部署、监控全面并且性能损耗较低.

References

[1]  <p> Gartner. Gartner says smartphone sales accounted for 55 percent of overall mobile phone sales in third quarter of 2013[EB/OL].(2013-11-14)[2014-07-20]. http://www.gartner.com/newsroom/id/2623415.
[2]  Grace M C, Zhou Y, Wang Z, et al. Systematic detection of capability leaks in stock android smartphones[C]//19th Annual Network and Distributed System Security Symposium (NDSS). Internet Society, 2012.
[3]  Jiang X X. Security alert:new sophisticated Android malware DroidKungFu found in alternative Chinese app markets[EB/OL].(2011-06-23)[2014-07-20]. http://www.csc.ncsu.edu/faculty/jiang/DroidKungFu.html.
[4]  Cisco. Cisco 2014 annual security report[R/OL]. Cisco_2014_ASR.pdf. (2014)[2014-07-20].https://www.cisco.com/web/offer/gist_ty2_asset/
[5]  Enck W, Ongtang M, McDaniel P. On lightweight mobile phone application certification[C]//Proceedings of the 2009 ACM Conference on Computer and Communication Security (CCS). 2009:235-245.
[6]  Felt A P, Chin E, Hanna S, et al. Android permissions demystied[C]//Proceedings of the 2011 ACM Conference on Computer and Communication Security (CCS). 2011:627-638.

Full-Text

Contact Us

service@oalib.com

QQ:3279437679

WhatsApp +8615387084133