Android上的入侵偵測系統

Abstract

當手機的功能變得越來越強大，並且在結合了WIFI上網功能之後，我們該如何確保手機的安全性？我們或多或少都會在手機裡面儲存一些重要資訊，舉凡：通訊錄，簡訊內容，用手機拍下的照片，其重要性不亞於電腦中的各種檔案，或者可說是更敏感的個人資料。Android系統是由Linux系統當作基礎，並且加上JAVA framework所構成，目前Android被廣泛地使用在手機上並且當作一個作業系統，Android上的安全性還沒有辦法完全被確保，所以我們將Snort，一個Linux平台上相當熱門的入侵偵測系統，移植到Android手機中，並利用Snort的強大功能封包檢查功能以確保手機在上網時的安全。

When the cell phone becomes more and more sophisticated, and the wireless network has been integrated with the cell phone network, how do we ensure that the cell phone has the security features? In Android, an open source embedded system developed by Google, although by its Linux-based design, there are not that many attacks exist, but sooner or later, the virus, the Trojan horse, or even worms will be developed for the Android platform. Back to the basic point of view, how can we ensure the security when we are surfing on the internet? The most trivial and important way to ensure the security is to scan the packets that flow in our cell phone. We present Snort, a popular intrusion detection system, on Android platform and with its powerful ability, we can detect that if there are malicious contents in the packet flow.