| 基于行为的移动智能终端恶意软件自动化分析与检测系统 |
| |
| 引用本文: | 康文丹,展鹇,白静,蔡旺.基于行为的移动智能终端恶意软件自动化分析与检测系统[J].信息网络安全,2013(12):46-50. |
| |
| 作者姓名: | 康文丹 展鹇 白静 蔡旺 |
| |
| 作者单位: | 武汉大学计算机学院,湖北武汉430072 |
| |
| 基金项目: | 国家自然科学基金[61202387,61103220]、国家科技重大专项[2010ZX03006-001-01]、博士点基金[20120141110002]、博士后基金[2012M510641]、湖北省自然科学基金[2011CDB456]、武汉市晨光计划项目[2012710367] |
| |
| 摘 要: | 文章介绍了一款基于行为的移动智能终端恶意软件自动化分析与检测系统,通过对大量恶意样本的研究,构建了一套敏感行为库,在不依赖恶意软件静态特征库的情况下,可有效判别已知和未知的恶意软件。该系统将静态分析技术与动态分析技术相结合,在静态分析技术中,增加了敏感API代码快速定位功能;动态分析技术的使用有效提升了可疑样本的敏感行为捕获的覆盖面和准确性。最后,基于SVM算法对样本的恶意性进行自动化判定。实验结果表明,该系统能够有效分析可疑样本行为,检出率高、误报率低,具有良好的应用前景。
|
| 关 键 词: | 无线平台 敏感权限 行为记录 行为触发 恶意软件检测 |
The Mobile Intelligent Terminal Malware Analysis and Detection System based on Behavior |
| |
| KANG Wen-dan,ZHAN Xian,BAI Jing,CAI Wang.The Mobile Intelligent Terminal Malware Analysis and Detection System based on Behavior[J].Netinfo Security,2013(12):46-50. |
| |
| Authors: | KANG Wen-dan ZHAN Xian BAI Jing CAI Wang |
| |
| Affiliation: | (School of Computer Science of Wuhan University, Wuhan Hubei 430072, China) |
| |
| Abstract: | This paper describes a behavior-based automated Android malware analysis and detection system, which constructs a sensitive behavior library based on a large number of researches on malware, without depending on the vires database to identify malicious software. Static analysis and dynamic analysis methods are deployed in the system. In the term of static analysis, quickly location of sensitive smali code was added. And the utilization of dynamic analysis can capture sensitive behaviors of suspicious samples accurately and comprehensively. The system uses heuristic scanning algorithm based on SVM, which can improve the accuracy of analysis and detection and effectively identify known or unknown malwares. |
| |
| Keywords: | the wireless platform sensitive permission behavior hook behavior triggering malware detection |
| 本文献已被 维普 等数据库收录! |
