Netinfo Security ›› 2016, Vol. 16 ›› Issue (2): 54-59.doi: 10.3969/j.issn.1671-1122.2016.02.009

• Orginal Article • Previous Articles     Next Articles

A Detecting System for Android Malicious Behavior Based on Binder Information Flow

Guizhi LI1,2(), Zhen HAN1, Qihui ZHOU2, Yazhe WANG2   

  1. 1. School of Computer and Information Technology, Beijing Jiaotong University, Beijing 100044, China
    2. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China
  • Received:2015-10-15 Online:2016-02-10 Published:2020-05-13

Abstract:

Currently, malwares based on the Android system are in flood. The malicious behavior not only brings a huge threat to users’ property, but also limits the development of mobile terminal application. In order to solve this problem, this paper designs and realizes a system for malicious behavior detection based on Binder information flow. According to the collected universal information, this paper sets privacy data detection as the specific safety requirements to discover the malicious behavior of applications, and builds information-flow graph showing the communication path between applications. Malicious behavior analysis is based on communication content and graph traversal. This paper analyzes 300 applications and finds 30.7% of the applications have malicious behavior of illicit access to private data. The performance test shows that the proposed scheme in this paper only brings 6.9% performance loss to Android system.

Key words: Android, Binder information flow, privacy data, malicious behavior

CLC Number: