The Android system is one of the most of the application system of the network users, and with the development of science and technology, the software for malicious behavior Android system has gradually increased, brought great threat to the application of the user's current property and personal information security, severe delay on the current mobile communication network technology and extension on application client. According to the specific mechanism of Android system to design a Binder based on the information flow of the automatic detection system of malicious behavior, in order to solve the negative impact of the current network security system for Android users. According to the application communication information in the current network, the application software of the possible leakage user information is detected, and the information vector is built to analyze the malicious behavior in the current network. Through testing the software of practicability and detect, the results showed that the recognition rate can reach 100%, software occupies only 7% memory. Results can reach the current Android user usage.