共查询到20条相似文献,搜索用时 31 毫秒
1.
随着Android系统的日益流行,其安全问题受到了越来越多的关注.尽管Android Permission机制能在一定程度上保证安全性,但在实际应用中却缺乏灵活性,基于此提出了一种与Apex相兼容的策略模型.该方法主要针对Apex的安装程序包Poly.在Ploy安装程序之前先对应用程序和权限进行分析检测,然后将检测分析后的权限呈现给用户.实验结果表明在造成一定性能损失的情况下,新的框架可以有效减少用户所需设置的权限. 相似文献
2.
3.
4.
5.
随着传统互联网逐渐向“互联网+”演变,域名系统(domain namesystem,DNS)从基础的地址解析向全面感知、可靠传输等新模式不断扩展。新场景下的DNS由于功能的多样性和覆盖领域的广泛性,一旦受到攻击会造成严重的后果,因此DNS攻击检测与安全防护方面的研究持续进行并越来越受到重视。首先介绍了几种常见的DNS攻击,包括DNS欺骗攻击、DNS隐蔽信道攻击、DNS DDoS(distributed denial of service)攻击、DNS反射放大攻击、恶意DGA域名;然后,从机器学习的角度出发对这些攻击的检测技术进行了系统性的分析和总结;接着,从DNS去中心化、DNS加密认证、DNS解析限制3个方面详细介绍了DNS的安全防护技术;最后,对未来的研究方向进行了展望。 相似文献
6.
《Digital Communications & Networks》2022,8(6):1040-1047
In recent years, we have witnessed a surge in mobile devices such as smartphones, tablets, smart watches, etc., most of which are based on the Android operating system. However, because these Android-based mobile devices are becoming increasingly popular, they are now the primary target of mobile malware, which could lead to both privacy leakage and property loss. To address the rapidly deteriorating security issues caused by mobile malware, various research efforts have been made to develop novel and effective detection mechanisms to identify and combat them. Nevertheless, in order to avoid being caught by these malware detection mechanisms, malware authors are inclined to initiate adversarial example attacks by tampering with mobile applications. In this paper, several types of adversarial example attacks are investigated and a feasible approach is proposed to fight against them. First, we look at adversarial example attacks on the Android system and prior solutions that have been proposed to address these attacks. Then, we specifically focus on the data poisoning attack and evasion attack models, which may mutate various application features, such as API calls, permissions and the class label, to produce adversarial examples. Then, we propose and design a malware detection approach that is resistant to adversarial examples. To observe and investigate how the malware detection system is influenced by the adversarial example attacks, we conduct experiments on some real Android application datasets which are composed of both malware and benign applications. Experimental results clearly indicate that the performance of Android malware detection is severely degraded when facing adversarial example attacks. 相似文献
7.
本文为了阻止Android手机恶意软件病毒的危害,分析了入侵病毒的类型,提出了一个基于Android平台的安全检测软件的设计方案,并实现了该方案。该软件基于Android的体系机构,结合Android体系自身的特点,实现了查杀病毒、检测支付环境、监听电话短信、检测流量等功能,保障了用户的安全。经过真机和模拟机测试,该软件能够有效查杀病毒、检测到潜在的病毒危害并及时采取措施,达到了设计目的。 相似文献
8.
9.
当前智能手机市场中,Android占有很大的市场份额,又因其他的开源,基于Android系统的智能手机很容易成为攻击者的首选目标。随着对Android恶意软件的快速增长,Android手机用户迫切需要保护自己手机安全的解决方案。为此,对多款Android恶意软件进行静态分析,得出Android恶意软件中存在危险API列表、危险系统调用列表和权限列表,并将这些列表合并,组成Android应用的混合特征集。应用混合特征集,结合主成分分析(PCA)和支持向量机(SVM),建立Android恶意软件的静态检测模型。利用此模型实现仿真实验,实验结果表明,该方法能够快速检测Android应用中恶意软件,且不用运行软件,检测准确率较高。 相似文献
10.
首先针对Android平台的漏洞进行研究,列举了3种常见漏洞类型,并结合案例进行了分析,在此基础上分析了Android平台漏洞产生的成因.最后分析了因漏洞产生的安全威胁的特点,提出普通用户的应对措施. 相似文献
11.
Security is the major issue in wireless sensor networks and many defence mechanisms have been developed to secure the network from these alarming attacks by detecting the malicious nodes which hinder the performance of the network. Sybil attack can make the network vulnerable. Sybil attack means a node which illegitimately claims multiple identities. This attack threatens wireless sensor network in routing, voting system, fair resource allocation, data aggregation and misbehaviour detection. Hence, the research is carried out to prevent the Sybil attack and improve the network performance. The node ID-based scheme is proposed, where the detection is based on node registration, consisting of two phases and the assignment of ID to the node is done dynamically. The ID's corresponding to the nodes registered is at the base station and the node active time is monitored, any abnormalities in the above phases confirm the presence of Sybil nodes in the network. The scheme is simulated using NS2. The energy consumed for this algorithm is 2.3?J. The proposed detection scheme is analysed based on the network's PDR and found that the throughput has improved, which prove that this scheme may be used in the environment where security is needed. 相似文献
12.
对信息物理系统攻击及防御技术的现有研究进行了总结,概括了现有攻击的主要类别,总结了描述攻击行为的几个模型,并得到了对信息物理系统的攻击呈协同化趋势的结论。我们还分析了这种协同与传统意义上网络协同攻击的区别,针对这种现状及现有防御措施的不足,提出了信息物理系统攻击检测的发展方向。 相似文献
13.
14.
Multi-step attack detection method based on network communication anomaly recognition 总被引:1,自引:0,他引:1
In view of the characteristics of internal fixed business logic,inbound and outbound network access behavior,two classes and four kinds of abnormal behaviors were defined firstly,and then a multi-step attack detection method was proposed based on network communication anomaly recognition.For abnormal sub-graphs and abnormal communication edges detection,graph-based anomaly analysis and wavelet analysis method were respectively proposed to identify abnormal behaviors in network communication,and detect multi-step attacks through anomaly correlation analysis.Experiments are carried out on the DARPA 2000 data set and LANL data set to verify the results.The experimental results show that the proposed method can effectively detect and reconstruct multi-step attack scenarios.The proposed method can effectively monitor multi-step attacks including unknown feature types.It provides a feasible idea for detecting complex multi-step attack patterns such as APT.And the network communication graph greatly reduces the data size,it is suitable for large-scale enterprise network environments. 相似文献
15.
16.
17.
18.
19.
Aiming at the problem of ignoring the impact of attack cost and intrusion intention on network security in the current network risk assessment model,in order to accurately assess the target network risk,a method of network intrusion intention analysis based on Bayesian attack graph was proposed.Based on the atomic attack probability calculated by vulnerability value,attack cost and attack benefit,the static risk assessment model was established in combination with the quantitative attack graph of Bayesian belief network,and the dynamic update model of intrusion intention was used to realize the dynamic assessment of network risk,which provided the basis for the dynamic defense measures of attack surface.Experiments show that the model is not only effective in evaluating the overall security of the network,but also feasible in predicting attack paths. 相似文献
20.
In this study, a spatial spectrum method is proposed to cope with the pilot spoofing attack (PSA) problem by exploiting the of uplink–downlink channel reciprocity in time-division-duplex multiple-input multiple-output systems. First, the spoofing attack in the uplink stage is detected by a threshold derived from the predefined false alarm based on the estimated spatial spectrum. When the PSA occurs, the transmitter (That is Alice) can detect either one or two spatial spectrum peaks. Then, the legitimate user (That is Bob) and Eve are recognized in the downlink stage via the channel reciprocity property based on the difference between the spatial spectra if PSA occurs. This way, the presence of Eve and the direction of arrival of Eve and Bob can be identified at the transmitter end. Because noise is suppressed by a spatial spectrum, the detection performance is reliable even for low signal-noise ratios and a short training length. Consequently, Bob can use beamforming to transmit secure information during the data transmission stage. Theoretical analysis and numerical simulations are performed to evaluate the performance of the proposed scheme compared with conventional methods. 相似文献