文化大學機構典藏 CCUR:Item 987654321/38198
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 47249/51115 (92%)
Visitors : 14340861      Online Users : 748
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: https://irlib.pccu.edu.tw/handle/987654321/38198


    Title: 以結構內容相似度為基礎之Android惡意軟體偵測
    Android Malware Detection Based on Structural Content Similarity
    Authors: 簡毅
    Contributors: 資訊管理學系
    Keywords: 靜態分析
    逆向工程
    Android
    static analysis
    reverse engineering
    Date: 2017
    Issue Date: 2017-09-27 11:00:55 (UTC+8)
    Abstract: 近年來智慧型手機已經成為市場上的主流,日常生活中有越來越多擁有強大運算能力和可以儲存大量資料的行動裝置,也因此讓較私密的資料,像是個人資料、帳號密碼甚至是金融資料等,都有可能成為被盜取濫用的資訊。隨著運算能力的提升與行動通訊技術的進步,行動裝置變得更普及化、上網人口的比率也在逐漸增加。因此,行動裝置也出現以往個人電腦所面臨的威脅,像是木馬程式的攻擊、資料的盜取、阻斷式攻擊與勒索攻擊等。
    手機惡意軟體推陳出新的速度非常快,每天都會有新的版本和變種出現,有鑑於此本研究認為惡意程式從出現到被發現、擷取與完成特徵碼分析之間的空窗期是必須被縮短的,所以本研究首先利用逆向工程技術還原原始碼,再利用原始碼裡的class-method-API製作結構圖,再利用MI選出惡意程式常用的API,最後透過比對上述結構圖包含敏感API的部分來判斷是否為惡意程式。
    In recent years, smartphones have become the mainstream of the market, everyday there are more and more computing power and has a strong mobile device can store large amounts of data, and therefore allow a more private data, such as personal information, account passwords and even Financial information, etc., are likely to be stolen abuse of information. With the improvement of computing power and the progress of mobile communication technology, mobile devices become more popular, the proportion of In-ternet population is gradually increasing. Therefore, mobile devices are also emerging threats in the past PC facing attacks like Trojans, steal data, blocking attacks and extortion attacks.
    Mobile malware is very fast, and new versions and variants appear every day. In view of the fact that this study suggests that the malicious program is discovered from the occurrence to the discovery, the window period between the capture and the completion of the signature analysis must be shortened , it was first developed to reverse engineering technology source reduction, reuse of the source code in the class-meth od-API composi-tion for making a junction, MI selected malicious reuse common API, and finally through the above-described configuration than FIG comprising the sensitive API part to deter-mine whether the malware.
    Appears in Collections:[Department of Information Management & Graduate Institute of Information Management] Thesis

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML242View/Open


    View Licence

    All items in CCUR are protected by copyright, with all rights reserved.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback