Netinfo Security (信息网络安全)
2015, Issue 10, pp. 66-73 (8 pages in total)
Keywords: Android; malware detection; permission extraction; static analysis
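With the rise of the mobile Internet in recent years, smartphones have developed rapidly. Because Android is open source, malware on the Android platform is increasing day by day, and it is characterized by large volume, fast propagation, and many variants. This article proposes a strategy and method for detecting and guarding against Android malware. First, static analysis is used to extract the permissions of a large number of normal Android applications and malware samples. The sample results are then tallied to compare the permissions requested by normal applications with those requested by malware, with particular attention to the differences among the most frequently requested permissions in benign and malicious software. The statistics show clearly that malware and benign software emphasize different permissions. Finally, the concept of information gain is introduced to study how strongly each permission influences the likelihood that an application is judged to be malware, and the application's permissions are graded and scored, forming a reliable and effective security evaluation mechanism. Experiments show that the method can effectively detect and guard against malware and thus better protect Android phones.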
In recent years, Android smartphones have developed rapidly, along with a growing amount of software on the Android platform. However, because Android is open source, malware on the Android platform is growing. A large amount of malicious software is currently spreading rapidly, so Android smartphones must be protected. The main work of this paper is as follows. First, we extract a large number of permissions from normal applications as well as malicious applications through static analysis. Second, we draw histograms based on the permissions to show which permissions are most important, paying particular attention to finding which permissions are most frequent in benign applications and in malware. The statistical results show that benign applications and malware have many different priorities. Lastly, we use the concept of information gain to estimate the risk that an application is malware, and we rank permissions based on information gain. This forms an effective and safe assessment mechanism. This paper provides a method for detecting malware. The experimental results show that the method has the potential to serve as a malware detection and prevention mechanism that better protects Android phones.