基于Android系统免Root主防方法的研究

doi:10.11959/j.issn.2096-109x.2016.00013

Abstract

Abstract:

In order to solve the problem that the system security is reduced through getting Root permission and that the security of Android smartphone is not effective without Root permission, the working principle of ART, the Java reflection mechanism and AOP principle were studied. The new mechanism was designed and implemented to avoid the security problem caused by the traditional protection application of Hooking system function in the kernel layer and the limitations with calling API in the application layer ineffectively. The interception of sensitive behavior and the protection of smartphone were both achieved.

Key words: Android system, active defense without Root, AOP, Hook, behavior interception, Dalvik

CLC Number:

TP309

Jing-qiang LIU,Bin LI,Li-zhang CHEN,Bin CHEN. Research based on the method of Android system active defense without Root permission[J]. Chinese Journal of Network and Information Security, 2016, 2(1): 65-73.

Figures/Tables 13

References 16

[1]	腾讯移动安全实验室2015年第三季度手机安全报告[EB/OL]. (2015-11-03). .
	Mobile security report of Tencent mobile security laboratory in 2015, third quarter[EB/OL]. (2015-11-03). .
[2]	李挺, 董航, 袁春阳 , 等. 基于Dalvik指令的Android恶意代码特征描述及验证[J]. 计算机研究与发展, 2014,51(7): 1458-1466.
	LI T , DONG H , YUAN C Y , et al. Description of Android malware feature based on Dalvik instructions[J]. Journal of Computer Re-search and Development, 2014,51(7): 1458-1466.
[3]	李志, 单洪, 马春来 , 等. 基于攻防图的网络主动防御策略选取研究[J]. 计算机应用研究, 2015,32(12).
	LI Z , SHAN H , MA C L , et al. Network active defense strategy se-lection based on attack-defense graph[J]. Application Research of Computers, 2015,32(12).
[4]	李淑民 . Android手机隐私泄露研究[J]. 软件, 2015(2): 69-72.
	LI S M . Research on privacy leakage of Android smart phones[J]. Computer Engineering ＆ Software, 2015(2): 69-72.
[5]	吴茂林 . 微信红包折射手机安全防护软肋[J]. 通信世界, 2015(6): 17.
	WU M L . We Chat ked envelope reflects a soft soft spot of mobile security protection[J]. Communications World, 2015(6): 17.
[6]	SANZ B , SANTOS I , LAORDEN C , et al. PUMA: permission usage to detect malware in Android[C]// The 5th International Con-ference on Computational Intelligence in Security for Information Systems (CISIS’02). Berlin: Springer,c 2103: 289-298.
[7]	FELT A P , CHIN E , HANNA S , et al. Android permissions demys-tified[C]// The 18th ACM Conference on Computer and Communi-cations Security, New York. c 2011: 627-638.
[8]	DESNOS A . Reverse engineering, malware and goodware analysis of Android applications…and more (ninja!)[EB/OL]. (2013-03-26). .
[9]	CILIBRASI R , VITANYI P M B . Clustering by compression[J]. IEEE Transactions on Information Theory, 2005,51(4): 1523-1545.
[10]	南秦博, 慕德俊, 侯艳艳 . Android 系统恶意程序检测技术研究[J]. 现代电子技术, 2015(12): 47-50.
	NAN Q B , MU D J , HOU Y Y . Research of malicious program de-tection technology for Android system[J]. Modern Electronics Technique, 2015(12): 47-50.
[11]	CHRISTODORESCU M , JHA S , SESHIA S A , et al. Seman-tics-aware malware detection[C]// The 2005 IEEE Symposium on Security and Privacy (Oakland’05). c 2005: 32-46.
[12]	王蕊, 冯登国, 杨轶 , 等. 基于语义的恶意代码行为特征提取及检测方法[J]. 软件学报, 2012,23(2): 378-393.
	WANG R , FENG D G , YANG Y , et al. Semantics-based malware behavior signature extraction and detection method[J]. Journal of Software, 2012,23(2): 378-393.
[13]	DESNOS A . Android: static analysis using similarity dis-tance[C]// The 45th Hawaii International Conference on System Sciences(HICSS),c 2012: 5394-5403.
[14]	杨超, 刘文庆, 张伟 , 等. 基于利用方式的Android Root漏洞分析[J]. 计算机科学, 2014,41(S1): 343-346.
	YANG C , LIU W Q , ZHANG W , et al. Utilization pattern based Android Root vulnerability analysis[J]. Computer Science, 2014,41(S1): 343-346.
[15]	卢文杰 . 网络安全主动防御技术[J]. 网络安全技术与应用, 2015(4): 148.
	LU W J . Network security active defense technology[J]. Network Security Technology ＆ Application, 2015(4): 148.
[16]	孙晓奇 . 面向多国发布的手机软件定制系统的设计与实现[D]. 北京：中国科学院大学, 2014.
	SUN X Q . Design and implementation of software custom ization for global released mobile phone[D]. Beijing: University of Chi-nese Academy of Sciences, 2014.

Metrics

Recommended 0

No Suggested Reading articles found!

序号	文件名	说明
1	AndroidManifest.xml	清单配置文件
2	classes.dex	二进制代码文件
3	assets	附件文件
4	lib	Native库文件
5	Res	资源文件

Research based on the method of Android system active defense without Root permission

RichHTML

PDF下载

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 13

References 16

Related Articles 2

Metrics

Recommended 0

[1]	Xiaoyan ZHU,Hui ZHANG,Jianfeng MA. Privacy protection system based on Hook for Android [J]. Chinese Journal of Network and Information Security, 2018, 4(4): 38-47.
[2]	Xiao-min ZHANG,Jing LUI,Jun-xi ZHUANG,Ying-xu LAI. Research on Android malware detection based on permission and behavior [J]. Chinese Journal of Network and Information Security, 2017, 3(3): 51-57.