| With the rapid development of mobile network technology, and with the growth of network data transmission and of terminal storage and computing capabilities, highly portable mobile terminals have gradually become an indispensable tool in daily work and life. In recent years, malicious behaviors caused by malicious code on mobile terminals have appeared endlessly, such as malicious fee deduction, remote control, privacy theft, system destruction, rogue behavior, tariff consumption, application tampering, and fraud. These behaviors bring significant harm and loss to the majority of mobile terminal users. This paper takes malicious APKs on the Android platform as its research object and designs a system, with 9000 malicious APKs as its feature database, for malicious APK situation analysis and for risk analysis of unknown malicious APKs. The main research of this paper is as follows: (1) We conducted a series of studies on the security mechanisms of the Android platform and surveyed research at home and abroad on malicious code detection and situation analysis for Android. We also studied various data mining algorithms and discuss their application in this paper. (2) We collected malicious Android APKs and built a sample library in preparation for subsequent data mining. (3) We wrote data mining algorithms suited to feature extraction from malicious samples. Based on a comparison of data mining algorithms for sample-library feature extraction, such as the N-gram-based feature extraction algorithm, the Apriori algorithm, and the C4.5 algorithm, this paper uses Python to design a more efficient data mining algorithm for extracting APK feature information such as telephone numbers, email addresses, IPs, URLs, permissions, services, and other basic information. (4) This paper uses Java EE to design a malicious code situation analysis system for Android APKs. The system displays the various features in the feature library, giving system administrators a strong basis for assessing the future situation of mobile malicious code features, and evaluates unknown or variant malicious code to minimize the risk and damage caused by unknown malicious code. |
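
The feature extraction described in item (3), as an added example that is not the paper's own code. It assumes the APK has already been unpacked so that the manifest is text XML and the embedded strings are available as a list; the function name, the regular expressions and the sample data are constructed for illustration.

```python
import ipaddress
import re
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
# Heuristic patterns (assumptions of this example, not the paper's rules).
URL_RE = re.compile(r"https?://[^\s\"'<>]+")
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
IP_RE = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")
PHONE_RE = re.compile(r"(?<![\w.])\+?\d{7,15}(?![\w.])")

def _valid_ip(text):
    """Reject dotted quads with out-of-range octets, e.g. 999.1.1.1."""
    try:
        ipaddress.IPv4Address(text)
        return True
    except ValueError:
        return False

def extract_features(manifest_xml, strings):
    """Return the feature sets named in the abstract for one unpacked APK."""
    root = ET.fromstring(manifest_xml)
    feats = {
        "permission": {e.get(ANDROID_NS + "name") for e in root.iter("uses-permission")},
        "service": {e.get(ANDROID_NS + "name") for e in root.iter("service")},
        "url": set(), "email": set(), "ip": set(), "phone": set(),
    }
    for s in strings:
        feats["url"].update(URL_RE.findall(s))
        feats["email"].update(EMAIL_RE.findall(s))
        feats["ip"].update(ip for ip in IP_RE.findall(s) if _valid_ip(ip))
        feats["phone"].update(PHONE_RE.findall(s))
    for values in feats.values():
        values.discard(None)  # elements that lack android:name
    return feats

# Constructed sample input (not taken from a real APK).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.sample">
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <application><service android:name=".SyncService"/></application>
</manifest>"""
SAMPLE_STRINGS = [
    "http://update.example.com/cfg?id=1",
    "report to admin@example.org",
    "fallback 192.0.2.10:8080 and 999.1.1.1",
    "sms:+15555550100",
]
```

Calling `extract_features(SAMPLE_MANIFEST, SAMPLE_STRINGS)` returns one set per feature type, which can then be compared against the sets stored for known samples.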