In order to efficiently detect malicious software on Android, an integrated static detection method is proposed based on dangerous permissions and behavior analyses. For the application package (APK) which has been detected before, its MD5 value is extracted as the signature for fast match and decision. For those which have not been detected, permission and behavior analyses are used to detect whether it is malware or not. First, a pre-decision is made according to whether dangerous permissions are applied. Secondly, taint propagation and semantic analyses are conducted to detect the behavior of stealing private information and financial over-charge in APK. The proposed system does not depend on the collection and update of the virus database and can efficiently detect the variants of known and unknown malware, which is different from the anti-virus software that can only detect known malware. The experimental results show that malwares with privacy stealing and malicious extra charges are successfully detected, which proves the effectiveness of the system.

• 出版日期2013
• 单位东南大学