The Design And Implementation Of Mobile Application Security Detection System

As the use frequency of mobile intelligent terminal is higher and higher, security of intelligent terminal application software also is particularly emphasized. Although at present there are a lot of application software detection tools, but most of them have a low recognition rate and efficiency. So it is necessary to design and implement an efficient, fast and comprehensive mobile inspection system. In order to achieve this purpose, the thesis first analyzes the classification of malicious applications of the Android platform and its common means of attack, identify the system needs to solve the problem. After researching common malicious application detection techniques at home and abroad, comparing advantages and disadvantages of various types of detection methods, it proposes a detection method which combines signature information detection, static detection and machine learning methods. This method has the advantages of signature information detection method and the static test method, avoiding the deficiency of the single detection method. In addition, it introduces the advantage that machine learning method can learn by inductive method to get expert knowledge and better realize the automation of the application security classification.The key of the above improved method is to determine the characteristics of the android application and the machine learning algorithm. So first of all, the thesis has a detailed analysis of the structure of mobile application, put forward to extract characteristic information and signature from the configuration files, resource files, DEX binary files. Then comparing a variety of classification algorithm, it proposes to realize mobile application security detection system based on support vector machine (SVM). In view of the system functional requirements, this article mainly divides mobile application security detection system into application analysis subsystem, machine learning subsystem and result processing subsystem. The application analysis subsystem can realize the pretreatment of application, known malicious application selection and feature extraction. Machine learning subsystem can determine the dangers of application according to the sample characteristics. Result processing subsystem can according to the analysis of the former two modules generates the readability of the report. Finally, the system has carried on the real data verification. Test results show that the mobile application security detection system designed in this article can well meet the demands for the function of the application of safety inspection and to a certain extent ensure the better recognition rate in intrusion detection. So it has reached the expected purpose.