Patent
Function-call-based Android malicious code detection method
Tao Jing,Hu Wenjun,Zhou Wenyu,Zhao Shuang,Ma Xiaobo +4 more
- 11 Dec 2013
22
TL;DR: In this paper, a function-call-based Android malicious code detection method is proposed, which aims at solving the problems that the Android program characteristic can be established in a fine-grained manner by adopting an existing Android malicious codes detection technology.
read more
Abstract: The invention provides a function-call-based Android malicious code detection method, and aims at solving the problems that the Android program characteristic can be established in a fine-grained manner by adopting an existing Android malicious code detection technology. The method comprises the steps: firstly, conducting authority-based statistic analysis on existing Android malicious codes, extracting an authority with a relatively high utilization rate as a sensitive authority, and then establishing a function chain capable of calling APIs (Application Program Interface) by using the APIs of the authority as entry points, so as to conduct function-call-based Android malicious code detection. Through the function-call-based Android malicious code detection method, the behavior characteristic of the Android program can be established in a fine-grained manner, and therefore, the Android malicious codes can be relatively well detected.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
Patent
Method and device for detecting malicious code in intelligent terminal
Yang Kang,Chen Zhuo,Tang Hai +2 more
- 30 Apr 2014
TL;DR: In this paper, a method and a device for detecting a malicious code in an intelligent terminal is presented, which comprises the steps of obtaining a virtual machine execution file of an application program from an application-program layer of an Intelligent terminal operation system; performing decompilation on the virtual-machine execution file to obtain a decompiled function information structure; resolving the decompiled functions information structure and extracting a function call sequence from the decompiling function information structures; utilizing a preset malicious code feature library, performing matching of the function call sequences and conforming that the malicious code including situation of the
19
Patent
Automatic detection method of API (Application Program Interface) misuse-type bug of Android application software
Lin Baigang,Li Yuxiang,Ye Qianhong,Ni Yitao,Yang Yang,He Xiaoling,Song Lizhu,Xu Wei +7 more
- 23 Sep 2015
TL;DR: In this paper, an automatic detection method of an API misuse-type bug of Android application software is proposed, which consists of static analysis and dynamic analysis, wherein the main content of the static analysis comprises the following steps: modeling by combining with the characteristics of the Android app software to construct a full-program control flow chart, and combining with program structure traversal to carry out API misuse accessibility analysis and constant transmission analysis to screen a candidate suspect bug.
16
Patent
Method for detecting, removing and recovering malicious codes of Android repackaging malicious software
Gu Dawu,Yang Wenbo,Li Yong,Zhang Yuanyuan,Li Quanru +4 more
- 08 Oct 2014
TL;DR: In this paper, a method for detecting, removing and recovering malicious codes of Android repackaging malicious software comprises the steps as follows: a feature library consisting of fuzzy hash codes is established for malicious access point classes of known malicious programs and is used for being matched with to-be-detected programs after disassembling.
14
Patent
Method and device for detecting similarities of Android application software
Chen Ruidong,Zhang Xiaosong,Niu Weina,Dai Zhongyin,Bao Kai,Qi Yanmei,Yu Zhou,Wang Dong,Xiaolei Liu +8 more
- 15 Jul 2015
TL;DR: In this paper, a method and a device for detecting similarities of application software under an Android system of a mobile platform, belongs to the field of computer security and particularly relates to the method and the device used for detecting the software which is used for injecting a malicious code or an advertising code to the normal application software by repacking technology from four aspects of permissions, components, resources and code maps.
13
Patent
Security enhancement method for third-party code of Android application program
Li Ruixuan,Zhao Quanzhou,Gu Xiwu,Xiong Zhiqiang,Han Hongmu,Tang Junwei +5 more
- 21 Oct 2015
TL;DR: In this paper, a security enhancement method for a third-party code of an Android application program is presented, which comprises the steps of: obtaining a call chain relating to user privacy data in an application program process by utilizing system exception stack data; obtaining main information of a call initiator by a system according to call chain information; sending the main information and the call initiators' main information to a system access control evaluation engine by utilizing an inter-process communication mechanism; judging a call source by an evaluation engine according to the main Information and a thirdparty code package list;
11
References
Patent
Malicious Android application program detection method, system and device
Cheng Shaoyin,Wu Yan,Wu Junchang,Jiang Fan +3 more
- 20 Feb 2013
TL;DR: In this paper, a malicious Android application program detection method, system and device is presented, which comprises the following steps of: imitating the execution of Android application programs by a server, matching sensitive characteristic information and sensitive date of system functions called by the Android application apps with sensitive information stored in a rule base, and marking variables of the matched system functions as sensitive data; and matching the functions containing the sensitive data with characteristic information of malicious acts stored in the malicious act detection rule base.
45
Patent
Method and system for testing malicious Android application programs
Sibei Jiao,Su Purui,Ying Lingyun,Yang Yi +3 more
- 05 Jun 2013
TL;DR: In this paper, the authors present a method and a system for testing malicious Android application programs, which includes the steps of dividing the untested application programs into a plurality of types and matching each button with one or more types of behavior and obtaining an application program button-behavior model.
18
Patent
Android malicious code detection method based on OpCode and system thereof
Pan Xuanchen
- 28 Aug 2013
TL;DR: In this paper, an android malicious code detection method based on OpCode and a system thereof is presented. But the method comprises the following steps: resolving a dex file format, identifying structural bodies, scanning a class and a function in each structural body, and recording OpCode code segment content which corresponds to the function; disassembling the obtained OP code segments content to obtain OP segment data and index segment data of an OP code segment having API calling or data assigning behaviors; calculating the feature code of the OP segments data and/or feature codes of OP segment corresponding data, matching
16
Related Papers (5)
Xiaojian Liu,Xiaofeng Dong,Qian Lei +2 more
- 02 Nov 2018
Yanhui Guo,Lin Yang,Xiaomeng Gao,Kun Wu +3 more
- 01 Sep 2016