In this paper, a dynamic Android APP security evaluation method for average users is presented and a prototype based on this method is implemented. Firstly, a tailored Android system emulator AVD is implemented through introducing API calls monitoring codes in the Dalvik virtual machine of AVD. Secondly, with Python, we implemented an AVD control Script program. This program may take advantage of adb instructions and Monkey tool to load APP being tested on AVD and record test results. Finally, we implemented APP test service access interface in Web form.%文章设计了一种面向普通用户的Android APP安全性动态分析方法并实现了原型系统.首先,借助于具有API调用监测功能的扩展Dalvik虚拟机对Android系统模拟器AVD进行定制,实现Android APP运行行为的动态分析;然后,使用adb 和 Monkey工具,在通用服务平台上,完成对运行在AVD中的APP程序用户行为模拟测试;最后,基于Web方式,实现了检测服务的用户访问接口.
展开▼
