{"title":"SEDalvik: A Kernel-Level Android Behavior Forensic Method","authors":"Fujia Cheng, Chengxiang Tan","doi":"10.1109/SPAC46244.2018.8965577","DOIUrl":null,"url":null,"abstract":"Android is the mobile operating system with the highest market share, but it comes with the endless malicious code. Behavior forensics has an extremely important role in ensuring application security. However, most of the existing methods of forensic analysis work at the application layer, not universal and easily evaded by anti-forensics mechanisms. Therefore, we propose a behavior forensics method based on source code of Dalvik virtual machine and work at the kernel layer, which effectively improves the versatility and effectiveness of behavior forensics on Android.","PeriodicalId":360369,"journal":{"name":"2018 International Conference on Security, Pattern Analysis, and Cybernetics (SPAC)","volume":"2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"SEDalvik: A Kernel-Level Android Behavior Forensic Method\",\"authors\":\"Fujia Cheng, Chengxiang Tan\",\"doi\":\"10.1109/SPAC46244.2018.8965577\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Android is the mobile operating system with the highest market share, but it comes with the endless malicious code. Behavior forensics has an extremely important role in ensuring application security. However, most of the existing methods of forensic analysis work at the application layer, not universal and easily evaded by anti-forensics mechanisms. 
Therefore, we propose a behavior forensics method based on source code of Dalvik virtual machine and work at the kernel layer, which effectively improves the versatility and effectiveness of behavior forensics on Android.\",\"PeriodicalId\":360369,\"journal\":{\"name\":\"2018 International Conference on Security, Pattern Analysis, and Cybernetics (SPAC)\",\"volume\":\"2 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 International Conference on Security, Pattern Analysis, and Cybernetics (SPAC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SPAC46244.2018.8965577\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 International Conference on Security, Pattern Analysis, and Cybernetics (SPAC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SPAC46244.2018.8965577","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
SEDalvik: A Kernel-Level Android Behavior Forensic Method
Android is the mobile operating system with the highest market share, but it faces an endless stream of malicious code. Behavior forensics plays an extremely important role in ensuring application security. However, most existing forensic analysis methods work at the application layer, are not universal, and are easily evaded by anti-forensics mechanisms. Therefore, we propose a behavior forensics method that is based on the source code of the Dalvik virtual machine and works at the kernel layer, which effectively improves the versatility and effectiveness of behavior forensics on Android.