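As a coarse-grained access control mechanism, the Android permission mechanism cannot effectively stop applications from abusing system resources, which makes it easy for Android malicious code to mount attacks. This paper therefore proposes a behavior-based access control scheme for Android system resources, built on top of the Android permission mechanism, that regulates how applications access system resources and prevents those resources from being abused to compromise system security. The scheme uses the temporal logic of causal knowledge (TLCK) description language to define secure behavior patterns for accesses to critical, security-relevant system resources, dynamically monitors the behavior of applications during execution, and enforces access control by comparing an application's dynamic behavior pattern with the secure behavior pattern required for the resource access. Compared with malicious code detection schemes based on malicious behavior signatures, secure resource-access behavior patterns are easier to define and can cope with unknown attacks. Finally, for short message service (SMS) attacks, which account for the largest share of Android malicious code, fine-grained, behavior-based access control is implemented for the SMS resources in the system, and verification experiments show that the scheme performs well in both effectiveness and performance.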
As a coarse-grained access control mechanism, the Android permission model cannot effectively prevent applications from abusing system resources to launch attacks. In this paper, a behavior-based system resource access control scheme is proposed to regulate applications' behavior when they access system resources and to prevent those resources from being abused. First, we define a secure behavior pattern for each security-related critical system resource access operation using the temporal logic of causal knowledge (TLCK), and dynamically monitor the behavior of applications. Access control over these system resources is then enforced by comparing each application's dynamic behavior with the resources' secure behavior patterns. Compared with malicious code detection schemes based on malicious behavior signatures, secure behavior patterns are easier to define and can be used to detect unknown attacks. Finally, we implement a behavior-based resource access control system targeting short message service (SMS) attacks, the most preferred attacks for Android. The experimental results demonstrate that the scheme performs well in terms of effectiveness and efficiency.
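The comparison of observed behavior against a secure pattern can be illustrated with a small trace monitor. This is an added example, not code or a TLCK formula from the paper: the event kinds, the `WINDOW` value, the package names and the pattern itself (an SMS send must be preceded by the user's confirmation of the same destination and body in the same app) are assumptions chosen for illustration.

```python
from dataclasses import dataclass

WINDOW = 5.0  # assumed: seconds a user confirmation stays valid


@dataclass(frozen=True)
class Event:
    t: float    # timestamp in seconds
    app: str    # package name of the acting app
    kind: str   # "user_confirm" or "sms_send" (hypothetical event kinds)
    dest: str
    body: str


def enforce(trace):
    """Return (event, allowed) for every sms_send in a time-ordered trace.

    Assumed secure pattern: a send is allowed only if the same app earlier
    received a user confirmation for the same destination and body, at most
    WINDOW seconds before, and that confirmation was not already used.
    """
    pending = []    # user confirmations not yet consumed by a send
    decisions = []
    for ev in trace:
        if ev.kind == "user_confirm":
            pending.append(ev)
        elif ev.kind == "sms_send":
            match = next((c for c in pending
                          if c.app == ev.app and c.dest == ev.dest
                          and c.body == ev.body
                          and 0 <= ev.t - c.t <= WINDOW), None)
            if match is not None:
                pending.remove(match)  # one confirmation authorizes one send
            decisions.append((ev, match is not None))
    return decisions


# Constructed sample trace (all apps, numbers and messages are made up).
TRACE = [
    Event(0.0, "com.example.chat", "user_confirm", "5550100", "hi"),
    Event(0.4, "com.example.chat", "sms_send", "5550100", "hi"),   # confirmed
    Event(0.9, "com.example.chat", "sms_send", "5550100", "hi"),   # replayed
    Event(2.0, "com.example.game", "sms_send", "5550199", "SUB"),  # no confirm
    Event(3.0, "com.example.chat", "user_confirm", "5550100", "ok"),
    Event(3.5, "com.example.chat", "sms_send", "5550199", "ok"),   # dest swapped
    Event(20.0, "com.example.chat", "sms_send", "5550100", "ok"),  # stale
]

if __name__ == "__main__":
    for ev, ok in enforce(TRACE):
        print(f"{ev.t:5.1f} {ev.app} -> {ev.dest}: {'ALLOW' if ok else 'DENY'}")
```

Because the monitor describes what a legitimate send looks like rather than what known malware looks like, any send that lacks the causal user action is denied, including one from an app never seen before.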