Abstract:Android system with its excellent characteristics quickly seize the mobile phone market. However, the open source of Android leads to Android frequent security problems. A large number of malicious applications on the third party market have brought great harm to people's privacy and property security. Among them, repackaged malicious applications accounted for the largest proportion which was 86%. In the repackaging application detection, researchers have done a lot of experimental research and designed the detection engine. But in the past, the detection engine has the disadvantages of high complexity and low accuracy. In this paper, we design an anti-obfuscation method for detecting malware based on centroid processing and hierarchical analysis. This method carries on static analysis to the intermediate code after compilation. The centroid algorithm is used to detect the similarity between applications, locating suspicious code segments by comparison between similar applications. Combining the analytic hierarchy process (AHP) and weighted FP-growth algorithm, the suspicious malicious code segments are judged. The experiment results show that this method has good effect in the detection of Android repackaged malicious applications.
2017, Vol. 3 
