期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于沙盒的Android应用风险行为分析与评估 被引量:7

Assessment of Android application's risk behavior based on a sandbox system
原文传递
导出
摘要 Android是移动领域市场占有率最高的操作系统,其开源的系统、海量的应用使得Android的用户量与日俱增,因此Android的安全问题受到业界的高度重视和广泛关注,特别是Android设备上大量涌现的恶意应用,已成为Android生态圈发展所面临的重大问题。该文基于Android4.1.2设计并实现了一个沙盒,能够对Android系统中应用的行为进行动态监视和记录;提出了一种基于行为分析的应用风险评估方法,以便用户对相关应用的风险有一个明确的预判,从而提高和保障用户的安全;通过对恶意应用和正常应用的样本分别进行实验和分析,验证了该文所提出方法的有效性。 Android has become the most popular operating system on mobile devices. However, the Android is an open source system with billions of applications. More users are choosing Android, so Android security problems are receiving much attention in the industry. Android of malware is already a major problem and cannot be avoided in the Android ecosystem. This paper describes a sandbox system based on Android 4.1.2 which can dynamically monitor and record application behavior. A risk assessment approach based on behavior analysis is given so that users can get an explicit risk prognosis for an application to improve their safety. Tests on malware and normal application samples verify the effectiveness of this risk assessment approach.
作者 李舟军 吴春明 王啸
机构地区 北京航空航天大学计算机学院 国家计算机网络应急技术处理协调中心
出处 《清华大学学报(自然科学版)》 EI CAS CSCD 北大核心 2016年第5期453-460,共8页 Journal of Tsinghua University(Science and Technology)
基金 国家自然科学基金资助项目(61170189 61370126 61502536) 教育部博士点基金资助项目(20111102130003) 国家"八六三"高技术项目(2015AA016004)
关键词 ANDROID应用 沙盒 行为分析 风险评估 Android applications sandbox behavior analysis risk assessment
分类号 TP309.2 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献14

  • 1SCAP中文社区. Android漏洞信息库[Z/OL]. (2013-12-20). http://android.scap.org.cn.
  • 2赛门铁克安全响应中心. 《互联网安全威胁报告》[Z/OL]. http://www.symantec.com/zh/cn/security_response/publications/threatreport.jsp.
  • 3张玉清,王凯,杨欢,方喆君,王志强,曹琛.Android安全综述[J].计算机研究与发展,2014,51(7):1385-1396. 被引量:94
  • 4Enck W, Gilbert P, Chun B G, et al. TaintDroid:An information flow tracking system for real-time privacy monitoring on smartphones[J].Communications of the ACM, 2014,57(3):99-106.
  • 5Reina A, Fattori A, Cavallaro L. A system call-centric analysis and stimulation technique to automatically reconstruct Android malware behaviors[C]//Proceedings of European Workshop on Systems Security. Prague, Czech Republic:EuroSec, 2013:135-141.
  • 6Wei X, Gomez L, Neamtiu I, et al. ProfileDroid:Multi-layer profiling of Android applications[C]//Proceedings of the 18th Annual International Conference on Mobile Computing and Networking. Istanbul, Turkey:ACM, 2012:137-148.
  • 7Yan L K, Yin H. DroidScope:Seamlessly reconstructing the OS and dalvik semantic views for dynamic Android malware analysis[C]//Proceedings of the 21st USENIX Conference on Security Symposium. Washington DC, USA:USENIX Security Symposium, 2012:569-584.
  • 8Zhang Y, Yang M, Xu B, et al. Vetting undesirable behaviors in Android apps with permission use analysis[C]//Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security. Hangzhou, China:ACM, 2013:611-622.
  • 9Chen K Z, Johnson N M, D'Silva V, et al. Contextual policy enforcement in Android applications with permission event graphs[C]//Proceedings of 20th Annual Network & Distributed System Security Symposium. San Diego, USA:NDSS, 2013.
  • 10Wu D J, Mao C H, Wei T E, et al. Droidmat:Android malware detection through manifest and API calls tracing[C]//Information Security (Asia JCIS), 2012 Seventh Asia Joint Conference. Tokyo, Japan:IEEE, 2012:62-69.

二级参考文献48

  • 1杨欢,张玉清,胡予濮,刘奇旭.基于权限频繁模式挖掘算法的Android恶意应用检测方法[J].通信学报,2013,34(S1):106-115. 被引量:47
  • 2Gartner. Worldwide smartphone sales in Q3 2013 [EB/OL]. [ 2014- 01-08 ]. http://www, gartner, com/newsroom/id/ 2623415.
  • 3AppBrian Stats. Number of available Android applications [EB/OL]. [2014-01-08]. http://www, appbrain, com/stats/.
  • 4Consumer Reports. Keep your phone safe-How to protect yourself from wireless threat [EB/OL].[ 2014-01-08 ]. http ://www. eonsumerreports, org/ero/net0613, htm # info.
  • 5TrustGo. BSides Las Vegas: Your droid has no clothes [EB/OL]. [2014-01-08]. http://blog, trustlook, corn/.
  • 6National Vulnerability Database. Vulnerability summary for eVE 2012-0056 [EB/OL]. [2013-12-09]. http..//web, nvd. nist. gov[view]vulnldetail?vulnId=CVE-2012-OO56&cid= 2.
  • 7Nakamura Y, Sameshima Y. SELinux for electronics devices [C]//Proe of Linux Symp. Ottawa:Linux Symp Inc, 2008: 125-133.
  • 8Bugiel S, Davi L, Dmitrienko A, et al. Practical and lightweight domain isolation on android [C] //Proc of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices. New York: ACM, 2011:51-62.
  • 9Smalley S, Craig R. Security enhanced (SE) Android: bringing flexible MAC to Android [C/OL] //Proc of the 20th Annual Network and Distributed System Security Syrup. 2013 [2014-03-20]. http://www, internetsociety, org/events/ ndss-symposium- 2013 / papers-and- pr esentations.
  • 10Kim S H, Han D, Lee D H. Predictability of Android OpenSSL's pseudo random number generator [C] //Proc of the 2013 ACM SIGSAC Conf on Computer Communications Security. New York: ACM, 2013:659-668.

共引文献93

同被引文献26

引证文献7

二级引证文献26

清华大学学报(自然科学版)
2016年 第5期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部