In section 2, we will review the property of exiting mobile malware analysis mechanism. And we will overview the characteristics of malicious events on smart mobile device on section 3. Based on it, we will present a proposed event aggregation and Vulnerability monitoring mechanism on section 4 with functional comparison results.