摘要
随着Android成为全球市场占有率第一的智能手机操作系统,其平台上的恶意程序也呈爆发趋势,尤其是Android应用的隐私泄露问题日趋严重。随着技术的发展,Android应用隐私泄露的隐蔽性越来越高,检测难度越来越大,例如使用反射技术来隐藏隐私泄露的操作。面对这一挑战,对Android应用程序的伪代码进行检测分析,并对伪代码中出现的反射调用检测提出新的分析方法,通过将反射调用的参数进行组合还原为标准的函数调用,使得反射调用显式化,从而检测出原本没法检测确认的隐私泄露行为。在此基础上设计实现了Android应用隐私泄露的静态检测工具,并通过对市场上的普通应用软件和收集的恶意程序进行实验分析,验证了分析方法和工具的有效性。
When Android becomes the smartphone operating system with largest global market share,the malicious applications is booming on its platform. In particular,privacy leak problems in Android applications are getting worsening. With the development of technology,the concealment of privacy leaks in Android applications grows high increasingly,and its detection becomes more and more difficult as well,for instance,using reflection technique to hide the privacy leak operations. Facing such challenge,in this paper we detect and analyse the pseudo-code of Android applications and propose a new analysis approach for detecting the reflection callings occurring in pseudo-code. Through re-constructing the reflection calling's arguments and restoring it to the standard calling,we make the reflection calling explicit,so that those privacy leak behaviours which cannot be found and confirmed previously are detected. Based on this work,we design and implement a static detection tool for Android applications privacy leak. At last,the effectiveness of the proposed approach and tool is validated by the experiments and analyses on benign applications from Android market and the malicious applications collected from Internet.
出处
《计算机应用与软件》
CSCD
2015年第3期297-301,316,共6页
Computer Applications and Software
基金
信息网络安全公安部重点实验室开放基金课题(C12613)
