| With the rapid development of the mobile Internet,mobile terminals are facing new opportunities while also facing many challenges.Android system is Google respected mobile operating system,with its unique advantages of convenience and open source,market share has been remained high.However,while Android is booming,malicious attacks against Android are constantly infringing on its users' privacy data and property security.Android privilege escalation attacks are one of the most representative types of attacks,which bring great harm to the society and economic losses.Therefore,how to detect and protect such attacks effectively has become a hot topic in current research.Firstly,this paper briefly analyzed the security theories and technologies of Android,analyzed the security mechanism of Android and the related theories and technologies methods of Android privilege escalation attack,and then analyzed the relevant machine learning algorithms and TensorFlow computing framework,which would pave the way for follow-up research.Secondly,aiming at the problem of poor detection efficiency and low accuracy of Android privilege escalation attack detection,this paper proposed an Android privilege attack detection model based on component communication.Firstly,it extracted the feature vector set from the known sample and generated the feature vector set.Then,it generated the security policy rule set through training and classified the privilege feature set.And then it generated component communication finite state machine according to the component and communication mode feature vector set to optimize the security policy rule set.Finally,it generated a new state machine by extracting the unknown sample feature vector set,and matched the optimized security policy rule set to detect privilege escalation attack.The experimental results show that the model has good detective efficiency and high accuracy.Then,aiming at the problem of poor protection and low accuracy of Android privilege escalation attack,this paper proposed an Android privilege escalation attack protection model based on deep learning.It combined the attack detection model with the deep learning computing framework TensorFlow,then it designed and implemented the Android privilegeescalation attack protection in a deep learning environment.It transformed the permission feature vector set and component feature vector set into a tensor that could be calculated under TensorFlow,and quantified and saved the risk values of components and corresponding rights in a deep learning environment.When the new state machine matched the optimized policy rule set,then compared the saved risk value with the application risk value to be tested,and when the both conditions were satisfied,it intercepted the privilege escalation attack.The TensorFlow computer framework implemented the protection model and verified its protection effectiveness and protection accuracy.The experimental results show that the attack protection model has better protection effect and higher accuracy. |
PDF Full Text Request