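Abstract: | In recent years smartphones have become mainstream in the market. More and more mobile devices with strong computing power and the capacity to store large amounts of data are part of daily life, and as a result private data such as personal information, account passwords and even financial data may be stolen and abused. As computing power has improved and mobile communication technology has advanced, mobile devices have become more widespread and the proportion of the population that is online is gradually increasing. Mobile devices therefore now face the threats that personal computers faced in the past, such as Trojan attacks, data theft, denial-of-service attacks and ransom attacks.
Mobile malware is renewed very quickly, with new versions and variants appearing every day. In view of this, this study holds that the window between a malicious program's appearance and its discovery, capture and completed signature analysis must be shortened. This study therefore first uses reverse engineering to recover the source code, then builds a structure graph from the class-method-API relationships in that source code, then uses MI to select the APIs that malicious programs commonly use, and finally determines whether a program is malicious by comparing the parts of the structure graph that contain sensitive APIs.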
In recent years, smartphones have become the mainstream of the market. Everyday life involves more and more mobile devices that have strong computing power and can store large amounts of data, so private data such as personal information, account passwords and even financial information are likely to be stolen and abused. With the improvement of computing power and the progress of mobile communication technology, mobile devices have become more popular and the proportion of the Internet population is gradually increasing. Mobile devices are therefore also facing the threats that PCs faced in the past, such as Trojan attacks, data theft, denial-of-service attacks and extortion attacks.
Mobile malware evolves very fast, and new versions and variants appear every day. In view of this, this study suggests that the window period between the appearance of a malicious program and its discovery, capture and the completion of signature analysis must be shortened. The study first uses reverse engineering technology to restore the source code, then uses the class-method-API composition in the source code to make a structure graph, then uses MI to select the APIs commonly used by malicious programs, and finally compares the parts of the above structure graph that contain sensitive APIs to determine whether a program is malware. |