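Graduate student: Jun-Han Chen (陳俊翰)
Thesis title: Effective Rootkit Malware Detection Technologies for Smartphone Based on Open Source (基於開放原始碼之有效的智慧型手機 Rootkit惡意軟體偵測技術)
Advisor: Woei-Jiunn Tsaur (曹偉駿)
Oral defense committee: Feng-Chao Yang (楊豐兆), Chih-Hung Wang (王智弘)
Oral defense date: 2014-07-02
Degree: Master's
Institution: Da-Yeh University (大葉大學)
Department: Master's Program, Department of Information Management
Discipline: Computer Science
Field: General Computer Science
Thesis type: Academic thesis
Year of publication: 2014
Graduation academic year: 102
Language: Chinese
Number of pages: 43
Keywords: Open Source, Malware, Android, Rootkit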
As smart mobile devices become increasingly widespread, information security issues have followed, and security protection cannot be neglected. Many consumers choose the Android platform for its advantages and openness, but because the review of applications submitted to Google Play is not rigorous, malware on the Android platform is increasingly rampant. A rootkit by itself has no great destructive power, but once its hiding techniques are combined with other malicious programs to form a variant rootkit, the security defenses of the phone operating system are put at risk. How to effectively keep phones from being compromised by malware is therefore particularly important.

As malware on smart mobile devices keeps evolving, the concealment properties of rootkits are easily used to package malware and thereby achieve intrusion. In present-day virus infections, network transmission is known to be a key factor, so this study addresses malware detection for rootkits on smart mobile devices. Although open-source rootkit detection tools save cost and have some detection capability, the related literature indicates that the capability of existing open rootkit detection tools is quite insufficient. This study therefore improves existing open rootkit detection tools to raise their detection capability and protect current smartphone users.

Chinese Abstract
English Abstract
Acknowledgements
Table of Contents
List of Tables
List of Figures
Chapter 1  Introduction
 1.1  Research Background and Motivation
 1.2  Research Objectives
 1.3  Research Limitations
 1.4  Research Process
 1.5  Thesis Organization
Chapter 2  Literature Review
 2.1  Android Information Security Threats
 2.2  Smartphone Malware Detection Mechanisms
 2.3  Rootkit Types and Hiding Techniques
 2.4  Rootkit Detection Techniques
Chapter 3  Constructing a Smartphone Rootkit Detection Mechanism
 3.1  Overall Rootkit Detection Architecture
 3.2  Detection Mechanism Design
 3.3  Mechanism Module Design
Chapter 4  Experimental Design and Analysis
 4.1  Experimental Environment
 4.2  Detection Mechanism Testing
 4.3  Detection Capability Analysis
Chapter 5  Conclusions and Future Work
References

