Research On Key Technology And Detection Method Of Android Trojan

In recent years,with the popularity of smart phones and the development of mobile Internet,smart phones have become a necessity in modern society.Crimes around smart phones are increasing,and Trojans telecom fraud cases are becoming more and more harmful as an upgraded version of telecom fraud cases.Large,and such crimes conceal the temperament,the victim is uninformed,the bank card is stolen,the electronic account money is transferred,and the society is extremely harmful.Such crimes have increasingly become the focus of public security work.To deal with such crimes,it is necessary to use Trojan-related knowledge to tap more clues on the basis of traditional telecom fraud methods.Android mobile phone Trojans are becoming more and more mature,and their functions are getting stronger and stronger.The corresponding requirements for handling cases are getting higher and higher.On the basis of summarizing the Android system framework and security mechanism,this paper studies and summarizes the key technologies of Android system Trojan,including implant technology,hidden technology and reinforcement technology,and puts forward the technical points of each method,focusing on Trojan APK reinforcement technology.Summarizing the threats faced by APK,the research combs the techniques of decompilation,anti-debugging,Trojan packing,and gives specific implementation methods and ideas,partially verifying the effect.Through the study of these technologies,we can understand more technical details of Trojans and facilitate the targeted work in the work.Combined with the public security work in the investigation of Trojan telecom fraud cases,the Trojan detection system for public security work was designed.The system adopts modular design to realize the use of MD5 to realize the case of Trojan telecom fraud.The KNN,random forest,and SVM machine learning algorithms are used to train the classifier,and the three types of classifiers are used to detect the samples to be inspected.The test results are given by the voting rules.Finally,using the collected normal APK and malware APK to extract the privilege feature vector,the detection algorithm proposed in the detection system is verified,and it is found that the algorithm can meet the requirements of high accuracy and low false alarm rate in the practical application of public security work,and achieve the expectation effect.