Research On Intrusion Detection For The Android Smartphone

With the advance of science and technology,intelligent mobile phone also got rapid development in recent years,from the previous mobile phones which could only be used to make a phone call,send information to the powerful smart phones.It is increasingly integrated into every aspect of our life.In the current mainstream of smart phone system,Android smart phones developed by Google company enjoy the most users.Smart phone is a double-edged sword,which brings convenience to our life,and also gives us a big hidden danger of the security.With the increasing of users,security issues have become increasingly obvious.The malware designed to damage the Android system appears constantly.The Android system is at the bottom of the Linux system.It inherits the advantages of Linux system,but its security mechanism in the application layer is not perfect enough,which is often taken as the breakthrough point of the attack by malicious software.In this paper,The author will combine with the traditional PC detection technology by analyzing the characteristics of the Android platform and the way the virus infection,and construct a safety inspection system for the Android platform through the static and dynamic aspects.In this paper,the main research contents and results are as follows:(1)We get to know the defects in the safety inspection of the current mobile phone by studying and analyzing the security inspection technology.(2)We start from the perspective of the static test,combine with f eature codes extracted from the characteristics of the Android platform application,and join the heuristic information,such as,user interaction,on the method of traditional static testing to improve the ability of detection.And at the same time,we ex tract and intelligentialize the logic of static detecting to increase the flexibility of detection module.(3)In this paper,we use the Android platform architecture feature to track and detect the key elements for the safety of running the system based o n the principle of the Linux kernel from the aspects of monitoring.(4)We analyze its application behavior patterns of the Android platform application based on its state at runtime,and extract the change of the system,and build the security detection model which can test whether there are abnormal behaviors of the application and components based on the HMM recognition principle.