- 2015
A Permission-Control-Based Method for Restricting Covert Channels in the Android System
Abstract:
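Mobile smart devices, with their entirely new architecture, security mechanisms, and rich set of sensors and applications, have a market of nearly 500 million units in China. However, these new features have given rise to a new security problem that is more complex than classic attack behaviour: covert channels on mobile smart devices, which leak user privacy. For the new and complex environment of Android mobile smart devices, effective methods for eliminating or restricting such channels are still lacking. This paper divides Android covert channels into two basic models, covert channels based on shared resources and covert channels based on sensor devices, and studies in depth how sensor covert channels are formed. By analysing the permission-control security mechanism of the Android system and extending the scope of protection of that mechanism, we design and implement a permission-control-based method for restricting sensor covert channels in the Android system. Experiments show that the method achieves the intended restricting effect when applied to actual covert channels.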