CAJ | 학술논문

随着Android系统的不断发展，人们对该平台的安全问题也更为关注。针对Android恶意应用程序存在的安全隐患，提出一种基于事件的恶意程序检测技术。系统采用C/S结构，通过手机客户端获取目标分析程序的系统调用序列，提交服务器端分析处理，分析服务器预先运行大量的已知恶意程序和良性程序作为训练样本，利用支持向量机学习算法对调用序列流进行聚类分类学习，检测出与样本类似特征的恶意程序。实验测试表明，该技术对恶意程序检出率高，误报率低，为Android恶意程序检测系统的设计提供有价值的参考。
수착Android계통적불단발전，인문대해평태적안전문제야경위관주。침대Android악의응용정서존재적안전은환，제출일충기우사건적악의정서검측기술。계통채용C/S결구，통과수궤객호단획취목표분석정서적계통조용서렬，제교복무기단분석처리，분석복무기예선운행대량적이지악의정서화량성정서작위훈련양본，이용지지향량궤학습산법대조용서렬류진행취류분류학습，검측출여양본유사특정적악의정서。실험측시표명，해기술대악의정서검출솔고，오보솔저，위Android악의정서검측계통적설계제공유개치적삼고。
With the development of Android system, people are concerned about the security probelem of the platform much more. In view of the hidden security problems of malicious program,a kind of malicious program detection technology based on event is proposed. C/S structure is adopted to abtain the system call sequence of target analysis program by mobile phone client,and submit it to the server for analysis processing,and run the known malicious programs and benign program as training sample. The leaning algorithm of support vector machine is utilized to complete the clustering and classification learning of call sequence flow,making the system identify malicious program similar to the sample characteristic. The result of experi?ment shows that the technology has a high detection rate and low false positive rate,and can provide valuable reference for de?sign of malicious program detection system.