InsightDroid-动态追踪Android应用方法

InsightDroid—Dynamic Method Trace in Android Applications

随着Android平台的快速发展,第三方应用出现大量安全漏洞.一般而言,作为应用分析的第一步,研究人员需要运行Android应用观察其运行时特征.然而,现有的动态分析方法如Taint Droid,必须运行于定制的沙盒环境中,鲁棒性和兼容性存在局限.本文提出一种动态分析系统——Insight Droid,该系统使用动态插桩技术追踪目标应用的成员方法,以帮助研究人员洞悉应用运行时特征对应的本质代码.作者已在多个设备的不同Android版本中成功加载了Insight Droid,证明该系统相较TaintDroid而言,拥有更好的兼容性.此外,选取了10个闭源应用和50个开源应用对Insight Droid进行评估,结果表明Insight Droid可以成功追踪目标应用的方法并有效反馈敏感API的调用,追踪成功率分别为100%和83%.

With the rapid development of Android platform, there are many security vulnerabilities in the alternative applications. As the first step of applications analysis, generally, researchers would like to observe applications＇runtime features dynamically. However, traditional dynamic analysis methods such as TaintDroid, are required to work in a custom sandbox and have limitation in robustness and compatibility. This paper presents InsightDroid, a dynamic analysis system using dynamic instrumentation technique for tracing tar- get methods to help researchers having insight into Android applications＇runtime features. The authors evaluate InsightDroid on differ- ent devices with multiple Android versions to prove that the system has better compatibility than TaintDroid. They also present an eval- uation of InsightDroid with 10 closed source applications, as well as 50 open source applications. The results show that InsightDroid can trace methods of target applications successfully and notify users effectively when some sensitive APIs are invoked. The success rates are 100% and 83% respectively.