| Android系统隐藏技术及检测方法 |
| |
| 引用本文: | 平程,蔡皖东.Android系统隐藏技术及检测方法[J].计算机技术与发展,2014(5):142-145. |
| |
| 作者姓名: | 平程 蔡皖东 |
| |
| 作者单位: | 西北工业大学计算机学院,陕西西安710129 |
| |
| 基金项目: | 基金项目:陕西省科学技术研究发展计划项目(2013K06-19) |
| |
| 摘 要: | Android木马通过获取系统root权限,修改内核表项实现隐藏功能,进而躲避木马查杀软件的检测。因此研究An-droid系统隐藏技术对于发现隐藏木马、提高查杀软件的检测能力有重要意义。文中在传统Linux系统隐藏技术的基础上,对Android系统服务启动过程进行分析,探究出适用于Android系统的隐藏方法,并实现了一种Android Rootkit木马原型,用于测试现有木马检测软件对该类型木马的检测能力。文中提出了针对此类Rootkit型木马的检测方法,实验证明这些方法对检测此类木马有一定的作用。
|
| 关 键 词: | Android系统 隐藏技术 检测 |
Hidden Technology and Method of Detection in Android System |
| |
| PING Cheng,CAI Wan-dong.Hidden Technology and Method of Detection in Android System[J].Computer Technology and Development,2014(5):142-145. |
| |
| Authors: | PING Cheng CAI Wan-dong |
| |
| Affiliation: | ( College of Computer, Northwestern Polytechnical University, Xi' an 710129, China) |
| |
| Abstract: | Getting the access to root privileges,the Android Trojan not only modifies important tables in the kernel to hide,but also leaves away from the detection of anti-virus software. So it's very important to discover hidden technology in Android system for finding hid-den Trojan and improving detection capability. Based on the traditional hidden technology in Linux system,analyze the Android system service startup process,explore the hidden technology in Android system,and realize a prototype of Android Rootkit Trojan to test the de-tection capability of existing software in related to this type of Trojan. A detection technology is presented which focuses on finding Root-kit Trojan and the experiment shows the method plays a certain role in detecting. |
| |
| Keywords: | Rootkit Android system concealing Rootkit detection |
| 本文献已被 维普 等数据库收录! |
