基于Android签名及敏感权限分组的安全检测系统

基于Android的系统架构和安全机制,设计并实现了用于检测手机恶意应用App的系统.此系统通过对Android应用程序APK文件的签名及敏感权限分组的检测,有效判定恶意应用意图,排除安全隐患,从而保护用户权益.     

Google SafetyNet中Root检测机制安全性研究

Android系统中的Root是指利用系统漏洞或者通过刷机使得应用能够执行需要Root权限的操作.用户常常出于个性化设备、安装特权应用等目的将设备Root,而对设备Root会引入很大的安全风险.攻击方得到Root权限后可以进行静默安装恶意应用、窃取用户敏感数据及篡改应用程序等恶意操作.由于上述安全风险的存在,Android系统和大多数应用程序不希望设备被Root.为此,Google移动服务框架中的SafetyNet模块提供了平台级的Root检测.但SafetyNet Root检测机制本身的安全性及健壮性尚不完全清晰,突出的问题是此机制是否可能被绕开还不明了.为此,本文使用逆向工程的方法分析了Google移动服务框架中SafetyNet的Root检测机制,并结合Root的技术原理,分析了相关检测机制的实现方式并发现了其中的弱点.通过攻击实验,成功地揭示了Google平台级Root检测机制实现中存在有较高的安全风险,难以检测本文设计的Root方法.      

Android恶意广告威胁分析与检测技术

Android第三方广告框架应用广泛,但Android系统漏洞和Android第三方广告框架的逻辑缺陷严重威胁着Android市场安全。攻击者可以通过恶意广告获取敏感数据、触发敏感操作,甚至是以应用程序的权限执行任意代码。该文总结了4种Android恶意广告攻击方式,并针对这4种方式设计了一种基于后向切片算法和静态污点分析的Android第三方广告框架静态测量方法,以及一种基于API Hook和靶向API Trace的Android恶意广告敏感行为动态检测方法。基于以上研究,该文设计并实现了Android恶意广告威胁分析与检测系统,通过实例证明该系统能够有效地分析Android第三方广告框架可能存在的安全隐患,并能够动态检测Android恶意广告的敏感行为。     

基于Markov链模型的Android平台恶意APP检测研究

目前Android手机上恶意APP安全检测方法大致分为两种,静态检测和动态检测.静态检测利用逆向分解手机安装文件,对APP安装文件进行分解,提取其代码特征和正常应用样本数据库中样本进行对比,判定APP是否存在恶意行为.动态监测基于对系统信息和应用行为的监控结果来判断APP是否为恶意应用.静态方法由于样本库规模的的限制很难检测病毒变种和新型病毒,动态检测需要事实监控系统行为,占用大量手机资源并且检测识别率不高.本文以Markov链模型为基础结合了动态监控应用行为和用户行为的方法得出的Android平台恶意APP检测方法.最后结合静态检测对apk文件进行分析,以增加动态监控方法的准确性.     

基于沙盒的Android应用风险行为分析与评估

Android是移动领域市场占有率最高的操作系统,其开源的系统、海量的应用使得Android的用户量与日俱增,因此Android的安全问题受到业界的高度重视和广泛关注,特别是Android设备上大量涌现的恶意应用,已成为Android生态圈发展所面临的重大问题。该文基于Android4.1.2设计并实现了一个沙盒,能够对Android系统中应用的行为进行动态监视和记录;提出了一种基于行为分析的应用风险评估方法,以便用户对相关应用的风险有一个明确的预判,从而提高和保障用户的安全;通过对恶意应用和正常应用的样本分别进行实验和分析,验证了该文所提出方法的有效性。     

基于特征分析Android恶意应用检测方法的研究

Android是目前广泛应用的移动操作系统,也是恶意软件首选的攻击目标。为了在恶意应用发布和攻击用户前将其分析、识别出来,文中提出了一种动态检测Android应用是否具有恶意行为的方法,该方法基于及其学习和对Android API调用和系统调用痕迹的特征提取,最终能够得到96%的检测率。     

采用函数调用关系的注入型Android恶意应用检测

针对注入型Android恶意应用日益泛滥、传统检测方法依赖大量已知特征的问题,提出了采用函数调用关系的注入型Android恶意应用检测方法。该方法无须依赖大量已知特征,仅通过分析注入型Android恶意应用的自身结构特征即可实现对该类恶意应用的有效检测,并能够实现对未知恶意代码家族的识别。所提方法在smali代码的基础上构建函数调用关系图,并进一步进行子图划分,通过判定各子图威胁度确定是否存在恶意行为。检测过程无需动态行为分析辅助,因此分析检测时间短、效率高。该方法不仅可以检测出Android应用是否存在恶意行为,还可根据子图威胁度确定包含恶意行为的具体代码。经过对1 260个Android恶意应用和1 000个正常应用的实验分析发现:所提方法能够很好地检测注入型Android恶意应用,当误报率为8.90%的时候,检测率达到95.94%,相对于主流Android恶意应用检测系统Androguard,检测效果有显著提升。     

二维权限设置在道路运输管理系统中的实现

权限设置是MIS系统安全核心组成部分.常规的授权方式是基于角色和用户进行授权,能够实现一维权限管理.针对用户和进行授权,工作量巨大,在对大型企事业单位多层次管理时几乎不能实现;针对角色进行授权,工作量虽有减轻,但会出现权责不明和数据操作权限混淆的情况.作者介绍了二维权限设置的模型,以及实现方式,提出了一种基于二维的权限管理,其核心思想是机构和用户的自维护,该方式既考虑到了减少系统管理员的工作量,又兼顾了数据操作的安全性和系统最高管理员的唯一性.这一管理模式,正广泛运用于重庆市道路运输管理系统,经过重庆市42个运输管理部门使用证明效果良好.     

一种基于权限的安卓恶意软件检测方法

针对基于特征代码的Android恶意软件检测方法难以检测未知恶意程序,且基于行为的检测方法误报率较高的问题,提出了一种基于权限的Android恶意软件检测方法.该方法首先在静态分析的基础上,结合动态行为分析提取权限特征;然后,采用权限特征关联分析方法,挖掘权限特征之间的关联规则;最后,基于朴素贝叶斯分类算法,建立恶意应用检测模型.实验结果表明,与现有方法相比,本文方法建立的恶意应用模型具有较高的检测率和准确率.     

基于AHP的安卓应用安全信用指数度量方法

在Android移动应用市场上,由于Android系统的高度开放性和广泛普及性,Android应用面临着被恶意注入、二次打包等严重安全风险。传统Android软件安全度量技术的度量精度可确定软件的安全等级,但无法满足软件信用精确度量和安全指数排序的现实需求。针对上述问题,该文通过对Android软件逆向分析,根据不同权限安全等级划分,给定安全范围内的安全系数,引入层次分析法(analytic hierarchy process,AHP)评估模型,对Android软件进行初步安全评分。同时结合Android软件的认证强度和第三方应用市场上的违规记录,再次使用AHP综合度量软件的最终安全信用指数。实验结果表明:该度量方法有效可行,可在精度允许的范围内,精确度量Android软件的安全信用指数。     

Markedness and its Interpretation in Language Use

Language markedness is a common phenomenon in languages, and is reflected from hearing, vision and sense, i.e. the variation in the three aspects such as phonology, morphology and semantics. This paper focuses on the interpretation of markedness in language use following the three perspectives, i.e. pragmatic interpretation, psychological interpretation and cognitive interpretation, with an aim to define the function of markedness.     

Lower Paleozoic oil relationships within Williston Basin, Canada

The Williston Basin is a significant petroleum province, containing oil production zones that include the Middle Cambrian to Lower Ordovician, Upper Ordovician, Middle Devonian, Upper Devonian and Mississippian and within the Jurassic and Cretaceous. The oils of the Williston Basin exhibit a wide range of geochemical characteristics defined as "oil families", although the geochemical signature of the Cambrian Deadwood Formation and Lower Ordovician Winnipeg reservoired oils does not match any "oil family". Despite their close stratigraphic proximity, it is evident that the oils of the Lower Palaeozoic within the Williston Basin are distinct. This suggests the presence of a new "oil family" within the Williston Basin. Diagnostic geochemical signatures occur in the gasoline range chromatograms, within saturate fraction gas chromatograms and biomarker fingerprints. However, some of the established criteria and cross-plots that are currently used to segregate oils into distinct genetic families within the basin do not always meet with success, particularly when applied to the Lower Palaeozoic oils of the Deadwood and Winnipeg Formation.     

An Analysis of Catherine＇s Character——Wuthering Heights

Wuthering Heights, Emily Bronte＇s only novel, was published in December of 1847 under the pseudonym Ellis Bell. The book did not gain immediate success, but it is now thought one of the finest novels in the English language. Catherine is the key character of this masterpiece, because everybody and everything center on her though she had a short life. We can understand this masterpiece better if we know Catherine well.     

Features of Women's language

Language is a means of verbal communication. People use language to communicate with each other. In the society, no two speakers are exactly alike in the way of speaking. Some differences are due to age, gender, statue and personality. Above all, gender is one of the obvious reasons. The writer of this paper tries to describe the features of women＇s language from these perspectives： pronunciation, intonation, diction, subjects, grammar and discourse. From the discussion of the features of women＇s language, more attention should be paid to language use in social context. What＇s more, the linguistic phenomena in a speaking community can be understood more thoroughly.     

Characterization of Ordovician carbonate reservoirs, southeastern Saskatchewan, Canada

The discovery of the prolific Ordovician Red River reservoirs in 1995 in southeastern Saskatchewan was the catalyst for extensive exploration activity which resulted in the discovery of more than 15 new Red River pools. The best yields of Red River production to date have been from dolomite reservoirs. Understanding the processes of dolomitization is, therefore, crucial for the prediction of the connectivity, spatial distribution and heterogeneity of dolomite reservoirs.The Red River reservoirs in the Midale area consist of 3～4 thin dolomitized zones, with a total thickness of about 20 m, which occur at the top of the Yeoman Formation. Two types of replacement dolomite were recognized in the Red River reservoir: dolomitized burrow infills and dolomitized host matrix. The spatial distribution of dolomite suggests that burrowing organisms played an important role in facilitating the fluid flow in the backfilled sediments. This resulted in penecontemporaneous dolomitization of burrow infills by normal seawater. The dolomite in the host matrix is interpreted as having occurred at shallow burial by evaporitic seawater during precipitation of Lake Almar anhydrite that immediately overlies the Yeoman Formation. However, the low δ18O values of dolomited burrow infills (-5.9‰～ -7.8‰, PDB) and matrix dolomites (-6.6‰～ -8.1‰, avg. -7.4‰ PDB) compared to the estimated values for the late Ordovician marine dolomite could be attributed to modification and alteration of dolomite at higher temperatures during deeper burial, which could also be responsible for its 87Sr/86Sr ratios (0.7084～0.7088) that are higher than suggested for the late Ordovician seawaters (0.7078～0.7080). The trace amounts of saddle dolomite cement in the Red River carbonates are probably related to "cannibalization" of earlier replacement dolomite during the chemical compaction.     

Design and analysis of generic LBS application developing platform

Location based services is promising due to its novel working style and contents.A software platform is proposed to provide application programs of typical location based services and support new applications developing efficiently. The analysis shows that this scheme is easy implemented, low cost and adapt to all kinds of mobile nework system.     

橡胶颗粒沥青混合料低温抗裂性试验研究

以AC-13级配为基础,将橡胶颗粒代替部分集料掺入混合料中,以低温弯曲试验为评价方法对不同橡胶颗粒掺量下沥青混合料的低温抗裂性进行研究,并引入应变能密度值对混合料的低温抗裂性进行综合评价.试验结果表明:橡胶颗粒沥青混合料试件的破坏微应变均超过2 300,满足冬寒区的技术指标;无论是否掺加橡胶颗粒,随着温度的下降,沥青混合料破坏时的最大弯拉强度增大,弯拉应变降低,劲度模量增大;弯曲应变能密度在胶粒掺量为1%左右时具有较大的弯曲应变能密度值,此时橡胶颗粒沥青混合料具有较好的低温抗裂性.     

低渗透非均质砂岩油藏启动压力梯度研究

理论推导与室内实验相结合,建立了低渗透非均质砂岩油藏启动压力梯度确定方法。首先借助油藏流场与电场相似的原理,推导了非均质砂岩油藏启动压力梯度计算公式。其次基于稳定流实验方法,建立了非均质砂岩油藏启动压力梯度测试方法。结果表明:低渗透非均质砂岩油藏的启动压力梯度确定遵循两个等效原则。平面非均质油藏的启动压力梯度等于各级渗透率段的启动压力梯度关于长度的加权平均;纵向非均质油藏的启动压力梯度等于各渗透率层的启动压力梯度关于渗透率与渗流面积乘积的加权平均。研究成果可用于有效指导低渗透非均质砂岩油藏的合理井距确定,促进该类油藏的高效开发。     

Quantitative trait loci （QTLs） for quality traits related to protein and starch in wheat

Quality traits in wheat （Triticum aestirum L.） were studied by quantitative trait locus （QTL） analysis in a recombinant inbred line （RIL） population, a set of 131 lines derived from Chuan 35050 × Shannong 483 cross （ChSh）. Grains from RILs were assayed for 21 quality traits related to protein and starch. A total of 35 putative QTLs for 19 traits with a single QTL explaining 7.99-40.52% of phenotypic variations were detected on 10 chromosomes, 1D, 2A, 2D, 3B, 3D, 5A, 6A, 6B, 6D, and 7B. The additive effects of 30 QTLs were positive, contributed by Chuan 35050, the remaining 5 QTLs were negative with the additive effect contributed by Shannong 483. For protein traits, 15 QTLs were obtained and most of them were located on chromosomes 1 D, 3B and 6D, while 20 QTLs for starch traits were detected and most of them were located on chromosomes 3D, 6B and 7B. Only 7 QTLs for protein and starch traits were co-located in three regions on chromosomes 1D, 2A and 2D. These protein and starch trait QTLs showed a distinct distribution pattern in certain regions and chromosomes. Twenty-two QTLs were clustered in 6 regions of 5 chromosomes. Two QTL clusters for protein traits were located on chromosomes 1D and 3B, respectively, three clusters for starch traits on chromosomes 3D, 6B and 7B, and one cluster including protein and starch traits on chromosome 1D.     

On Tragic Consciousness In The Works By Ernest Hemingway

As an American modern novelist who were famous in the literary world, Hemingway was not a person who always followed the trend but a sharp observer. At the same time, he was a tragedy maestro, he paid great attention on existence, fate and end-result. The dramatis personae's tragedy of his works was an extreme limit by all means tragedy on the meaning of fearless challenge that failed. The beauty of tragedy was not produced on the destruction of life, but now this kind of value was in the impact activity. They performed for the reader about the tragedy on challenging for the limit and the death.