|
|
- 2015
基于有向信息流的Android隐私泄露类恶意应用检测方法
|
Abstract:
摘要 Android系统占据智能移动终端市场81.9%的份额,预计还会持续增长.同时,针对Android系统的恶意应用日益增多,Android恶意应用程序检测技术已经成为安全领域研究的热点问题.本文提出一种基于有向信息流的针对Android隐私泄漏类恶意应用的检测方法.该方法首先反编译应用程序,分析配置文件中的权限申明;基于隐私点数据集构建隐私数据有向信息流模型;通过在信息流模型中对隐私点的跟踪分析,检测隐私数据是否被发送出去而导致信息泄漏.该方法在对Android第三方市场的7 985个应用程序检测中,发现357个恶意应用.通过实验方式验证了检测结果的准确性.结果表明该方法对Android隐私泄露类恶意应用具有很好的检测效果.
| [1] | <p> La Polla M, Martinelli F, Sgandurra D. A survey on security for mobile devices[J]. IEEE Communications Surveys & Tutorials, 2012, 15(1):446-471. |
| [2] | Grace M, Zhou Y J, Zhang Q, et al. RiskRanker:scalable and accurate zero-day Android malware detection[C]//Proceedings of the 10th International Conference on Mobile Systems, Applications, and Services (MobiSys'12). Low Wood Bay, Lake District, UK. 2012:281-294. |
| [3] | Zhou Y J, Jiang X X. Detecting passive content leaks and pollution in android applications[C]//Proc of the 20th Annual Network and Distributed System Security Symposium (NDSS'13). San Diego, California, USA. 2013:1-16. |
| [4] | 刘潇逸, 崔翔, 郑东华,等. 一种基于Android系统的手机僵尸网络[J]. 计算机工程, 2011, 37(19):1-5. |
| [5] | 杨珉, 王晓阳, 张涛,等. 国内Android应用商城中程序隐私泄露分析[J]. 清华大学学报:自然科学版, 2012, 52(10):1 420-1 426. |
| [6] | Rastogi V, Chen Y, Jiang X X. DroidChameleon:evaluating Android anti-malware against transformation attacks[C]//Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security. Hangzhou, China; ACM. 2013:329-334. |
| [7] | Zhou W, Zhang X W, Jiang X X. AppInk:watermarking android apps for repackaging deterrence[C]//Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security. Hangzhou, China; ACM. 2013:1-12. |
| [8] | Suarez-Tangil G, Tapiador J E, Peris-Lopez P, et al. Dendroid:a text mining approach to analyzing and classifying code structures in Android malware families[J]. Expert Systems with Applications, 2014, 41(4):1 104-1 117. |
| [9] | 蒋绍林, 王金双, 张涛,等. Android安全研究综述[J]. 计算机应用与软件, 2012, 29(10):205-210. |
| [10] | 王浩宇, 王仲禹, 郭耀,等. 基于代码克隆检测技术的Android应用重打包检测[J]. 中国科学:信息科学, 2014, 44(1):142-157. |
| [11] | Tsai C R, Gligor V D, Chandersekaran C S. On the identification of covert storage channels in secure systems[J]. Software Engineering, IEEE Transactions on, 1990, 16(6):569-580.</p> |
| [12] | 龚炳江, 唐宇敬. Android平台下软件安全漏洞挖掘方法研究[J]. 计算机应用与软件, 2014, 31(1):311-314,333. |
| [13] | 杨欢, 张玉清, 胡予濮,等. 基于权限频繁模式挖掘算法的Android恶意应用检测方法[J]. 通信学报, 2013, 34(Z1):106-115. |
| [14] | Denning D E. A lattice model of secure information flow[J]. Commun ACM, 1976, 19(5):236-243. |
