Detection malicious Android application based on simple-Dalvik intermediate language

Abstract

In recent years, mobile malware has become one of the most important threats to the development of mobile Internet. Effective prevention and control of malicious applications concern the healthy development of the mobile Internet industry and the vital interests of the vast number of mobile terminal users. However, due to many new characteristics of mobile intelligent terminals, such as storing personal privacy data, the traditional software security technology cannot be applied to mobile applications directly. Therefore, the security detection for mobile applications is of great significance. In this paper, we proposed a simple-Dalvik intermediate language-based method to detect the malicious mobile applications. In this method, we first reduce the 218 instructions in the Dalvik instruction set to a simpler set, SDIL, through simplification and optimization. By using SDIL, we can effectively refine the instruction features and maintain the control relationships of the source program. After that, we use an improved MOSS algorithm to detect malicious mobile applications. Our experimental results show that the method proposed in this paper greatly improves the detection efficiency of malicious mobile applications and maintains good accuracy.