摘要
Android平台应用数量迅速增长,随之而来的安全问题也日益增多。但现有分析工具大多数只对应用进行简单的扫描,较少涉及深层次的数据流分析,因此某些漏洞无法有效地被发现。该文基于对已有Android应用漏洞特征的归纳,提出一种Android应用漏洞的静态分析框架。从Manifest文件扫描、Smali代码危险函数分析、数据流分析等3个层面归纳了7类主流安全漏洞模式,依此构建了漏洞检测规则,并结合相关静态分析技术对应用进行分析,以发现其中存在的安全漏洞。通过对323个Android应用程序的实验分析,结果表明:该框架的有效检出率在70%以上,误报率在30%以下。因此,该框架能够有效发现Android应用中常见的安全漏洞,提高用户安全性。
The number of Android applications is growing rapidly, which is bringing more and more vulnerabilities. However, most existing tools use only simple API scanning with data flow analysis tools rarely used, so some vulnerabilities cannot be found. This paper presents a static analysis framework for Android applications based on common vulnerability patterns. The analysis can detect 7 kinds of vulnerability patterns in Android apps using detection rules. Tests on 323 Android applications show that the framework can detect more than 70% of the vulnerabilities with less than 30% false positives, which shows that it can effectively detect common security vulnerabilities in Android apps.
出处
《清华大学学报(自然科学版)》
EI
CAS
CSCD
北大核心
2016年第5期461-467,共7页
Journal of Tsinghua University(Science and Technology)
基金
国家自然科学基金资助项目(61272493)