针对当前移动安全产品多数只能提供静态的应用程序检测,缺乏对未知样本的检出能力的现状,提出了一种基于行为的移动应用程序安全检测方法,包括了静态行为检测方法和动态行为检测方法.该方法可以检测任意一款移动应用软件,在经过基于终端的静态行为检测和基于服务器的虚拟机动态行为检测之后,对行为进行分析并提供完整的移动应用程序安全报告,供安全产品用户参考,并为公安机关打击移动环境下的违法犯罪活动提供技术支持.%In order to improve the situation that the most mobile security products provide only static means to detect mobile applications and lack the ability to detect unknown malware, the article proposes a detection method of the security of mobile application based on behaviors, including static and dynamic methods. It can detect all mobile applications . After the detection of both static method based on terminals and dynamic method based on virtual machine, it can provide a security report of mobile application by analyzing the behaviors, which is referred by users and provide a lot of support for counter-criminal in mobile cyberspace of public security department.
展开▼
