摘 要

随着android系统的日益流行，其伴随着的恶意软件问题也日益成为我们日常生活中的困扰，为解决这个问题广大的程序员们也进行了许多的相应软件的开发，在这样的整体环境下，总结之前的很多技术大牛门锁做的工作和努力，结合了一下自己的看法，我写了这个论文。与现在已有的许多检测以及匹配算法，完成了本毕业设计的程序设计。这个论文的工作主要有：1. 分析目前的Android 系统安全机制。2. 分析目前主要的恶意软件。3. 根据之前的研究来确定静态的android恶意软件的检测方案。4. 学习BM模式匹配算法并且将其应用到恶意软件检测分析之中。

关键词：Android；模式匹配算法；恶意软件；API调用

Abstract

With the increasing popularity of android system, which along with the malware problem has increasingly become our daily life problems , to solve this problem the majority of programmers have also been many corresponding software development, In this overall environment , many technical summary Daniel lock before doing the work and efforts , combined with my own views , I wrote this paper . And now we have a number of testing and matching algorithms to complete the design of this graduate program design . The main work of this paper are: 1. Analysis of the current Android system security . 2. The analysis of the current major malware. 3. Develop static testing program of Android malware detection system implementation . 4. Learning BM pattern matching algorithm and its application to malware detection analysis.

Key Words:Android; pattern matching algorithm ; malicious software ; API calls

目 录

摘 要.......................................................................................................................Ⅰ

Abstra.................................................................................................................... Ⅱ

第1章 绪论............................................................................................................1

1.1 研究背景.......................................................................................................1

1.2 研究现状.......................................................................................................2

1.2.1当前恶意软件检测技术...........................................................................2

1.2.2 恶意代码库建设......................................................................................2

第2章 Android恶意软件检测技术分析............................................................. 3

2.1 恶意软件的分类...........................................................................................4

2.2 恶意软件的分析...........................................................................................4

2.3 恶意软件检测技术...................................................................................... 4

2.3.1 静态检测方法......................................................................................... 4

2.3.2 动态检测方法......................................................................................... 5

第3章 BM匹配算法 ........................................................................................... 6

3.1模式匹配算法简介......................................................................................... 6

3.2 bm模式匹配算法 ......................................................................................... 6

3.2.1坏字符规则...............................................................................................7

3.2.2好后缀规则...............................................................................................7

第 4章 恶意软件检测系统的实现...................................................................... 9

4.1 Android 开发环境搭建 .................................................................................9

4.2 数据库设计.................................................................................................... 9

4.3 模块设计.........................................................................................................9

4.3.1 预处理模块..............................................................................................9

4.3.2 权限分析模块的实现..............................................................................10

4.3.3 API 序列分析模块 ..................................................................................10

4.3.4 检测结果反馈模块..................................................................................10

1. 算法程序的实现和结果分析.....................................................................11

5.1 BM算法程序的实现步骤............................................................................11

5.2 算法程序的测试和结果分析......................................................................12

第 6 章 总结......................................................................................................... 14

6.1 总结.................................................................................................................. 14

致谢.............................................................................................................................................15

参考文献.....................................................................................................................................16

第 1 章 绪论