运营商恶意软件防护体系与关键技术研究

doi:10.3969/j.issn.1000-0801.2014.01.013

电信科学 ›› 2014, Vol. 30 ›› Issue (1): 83-88.doi: 10.3969/j.issn.1000-0801.2014.01.013

运营商恶意软件防护体系与关键技术研究

陈涛¹,高鹏¹,杜雪涛¹,薛姗¹,杨满智²

¹ 中国移动通信集团设计院有限公司北京 100080
² 恒安嘉新（北京）科技有限公司北京 100191

出版日期:2014-01-20 发布日期:2017-06-22
基金资助:
国家科技重大专项课题“LTE覆盖增强组网技术”基金资助项目

Research on Operators Mobile Malware Protection Architecture and Key Technologies

Tao Chen¹,Peng Gao¹,Xuetao Du¹,Shan Xue¹,Manzhi ang²

¹ China Mobile Group Design Institute Co., Ltd., Beijing 100080, China
² Eversec（Beijing）Technology Co., Ltd., Beijing 100191, China

Online:2014-01-20 Published:2017-06-22

摘要/Abstract

摘要：

近年来，运营商网络中恶意软件的数量急剧增加，严重威胁到移动互联网的安全。在综述现有恶意软件研判和防护技术的基础上，从运营商的角度，提出了网络侧与客户端联动的恶意软件防护体系，并研究了关键实施技术，为安全工程人员提供参考。

关键词: 移动互联网安全, 恶意软件, 动态检测, 静态检测

Abstract:

In recent years, there is a rapid growth of malware on operators network. It severely threats security of mobile internet. Based on reviewing of existing malware protection technologies, mobile malware protection architecture including both network side and terminal side technology and their interaction mechanism was proposed. Some key implementation technologies for engineer's reference were also studied.

Key words: mobile internet security, malware, dynamic detection, static detection

陈涛,高鹏,杜雪涛,薛姗,杨满智. 运营商恶意软件防护体系与关键技术研究[J]. 电信科学, 2014, 30(1): 83-88.

Tao Chen,Peng Gao,Xuetao Du,Shan Xue,Manzhi ang. Research on Operators Mobile Malware Protection Architecture and Key Technologies[J]. Telecommunications Science, 2014, 30(1): 83-88.

图/表 8

表1

图1

图2

图3

图4

图6

图5

图7

参考文献 19

1	Jiang X . Dissecting Android malware: characterization and evolution. Proceedings of 2012 IEEE Symp on Security and Privacy, Francisco,California, 2012:95～109
2	Erturk E . Two trends in mobile malware: financial motives and transitioning from static to dynamic analysis. International Journal of Intelligent Computing Research（IJICR）, 2012,3（3/4）:325～329
3	Venugopal D . An efficient signature representation and matching method for mobile devices. Proceedings of 2nd Annual International Workshop on Wireless Internet（WICON'06）, Boston,MA,United States, 2006
4	Zhou W , Zhou Y J . Detection of repackaged smartphone applications on Android. Proceedings of the Second ACM Conference on Data and Application Security and Privacy, San Antonio,USA, 2012:317～326
5	Zheng M . DroidAnalytics: a signature based analytic system to collect, extract, analyze and associate Android malware. , 2013
6	Elish K O . A static assurance analysis of Android applications. , 2013
7	Grace M . RiskRanker: scalable and accurate zero-day Android malware detection. Proceedings of the 10th International Conference on Mobile Systems, Applications, and Services, Paphos, Cyprus, 2012:281～294
8	Enck W , Octeau D , McDaniel P , et al. A study of Android application security. Proceedings of the 20th USENIX Security Symposium, USENIX Security'11, San Francisco, CA, 2011
9	Zhao M . RobotDroid: a lightweight malware detection framework on smartphones. Journal of Networks, 2012,7（4）:715～722
10	Zhao M . A smartphone malware detection framework based on artificial immunology. Journal of Networks, 2013,8（2）:469～476
11	Shabtai A . Andromaly: a behavioral malware detection framework for android devices. Journal of Intelligent Information Systems, 2012,38（1）:161～190
12	Aung Z . Permission-based Android malware detection. National Journal of Science ＆ Technology Research, 2013,2（3）
13	Burguera I . An Android application sandbox system for suspicious software detection. Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, Berlin, Germany, 2011:15～26
14	Iland D . Detecting Android malware on network level. , 2011
15	Park Y . An Android security extension to protect personal information against illegal accesses and privilege escalation attacks. Journal of Internet Services and Information Security （JISIS）, 2012,2（3/4）:29～42
16	Beginners guide to Android reverse engineering. , 2012
17	Zhou Y , Wang Z , Zhou W , et al. Hey, you, get off my market:detecting malicious apps in alternative Android markets. Proceedings of the 16th Network and Distributed System Security Symposium, NDSS'12, San Diego, California, 2012
18	Su X . Smartphone dual defense protection framework: detecting malicious applications in Android markets. Proceedings of 8th International Conference on Mobile Ad Hoc and Sensor Networks, Chengdu, China, 2012
19	粟栗，从健，赵乐意．涉黄域名二次中标问题研究．电信工程技术与标准化， 2011（10）:11～14.

	网络侧防护技术	客户端侧防护技术
优势	实现运营商网络的防护全覆盖，保护没有安装客户端安全软件的用户；防护功能不消耗终端资源	清除终端恶意软件，消除恶意扣费和网络资源消耗等不良影响；举报软件恶意行为，对恶意软件进行个性化处理
劣势	不能彻底清除恶意软件，终端恶意软件持续损害用户利益，消耗终端资源；恶意软件心跳连接等行为持续消耗运营商网络资源	终端安全软件杀毒功能对用户计算和电池资源消耗较大；对没有安装安全软件的用户无防护能力

[1]	肖芫莹,游耀东,向黎希. 代码审计系统的误报率成因和优化[J]. 电信科学, 2020, 36(12): 155-162.
[2]	卿斯汉. Android安全的研究现状与展望[J]. 电信科学, 2016, 32(10): 2-14.
[3]	陈昊,卿斯汉. 基于组合式算法的Android恶意软件检测方法[J]. 电信科学, 2016, 32(10): 15-21.
[4]	卿斯汉. Android广播机制安全性研究[J]. 电信科学, 2016, 32(10): 27-35.
[5]	杜雪涛,常玲,刘佳,张晨. 手机恶意软件网络行为分析[J]. 电信科学, 2015, 31(8): 171-174.
[6]	苏晓萍,宋玉蓉,申情,楼俊钢. 一种具有GAF分簇结构的无线传感器网络中恶意软件传播模型[J]. 电信科学, 2011, 27(8): 33-38.
[7]	王永全. 通信网络中犯罪行为的取证技术 *[J]. 电信科学, 2006, 22(6): 63-66.

运营商恶意软件防护体系与关键技术研究

Research on Operators Mobile Malware Protection Architecture and Key Technologies

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 8

参考文献 19

相关文章 7

Metrics

推荐阅读 0