摘要
Android木马通过获取系统root权限,修改内核表项实现隐藏功能,进而躲避木马查杀软件的检测。因此研究Android系统隐藏技术对于发现隐藏木马、提高查杀软件的检测能力有重要意义。文中在传统Linux系统隐藏技术的基础上,对Android系统服务启动过程进行分析,探究出适用于Android系统的隐藏方法,并实现了一种Android Rootkit木马原型,用于测试现有木马检测软件对该类型木马的检测能力。文中提出了针对此类Rootkit型木马的检测方法,实验证明这些方法对检测此类木马有一定的作用。
Getting the access to root privileges,the Android Trojan not only modifies important tables in the kernel to hide,but also leaves away from the detection of anti-virus software. So it's very important to discover hidden technology in Android system for finding hid-den Trojan and improving detection capability. Based on the traditional hidden technology in Linux system,analyze the Android system service startup process,explore the hidden technology in Android system,and realize a prototype of Android Rootkit Trojan to test the de-tection capability of existing software in related to this type of Trojan. A detection technology is presented which focuses on finding Root-kit Trojan and the experiment shows the method plays a certain role in detecting.
出处
《计算机技术与发展》
2014年第5期142-145,共4页
Computer Technology and Development
基金
陕西省科学技术研究发展计划项目(2013K06-19)