Abstract
Android's open-source nature brings convenience to developers, but it also brings convenience to attackers, for example in the theft of users' private information. To address privacy leakage in Android applications, an automated detection system based on static taint analysis, Leak Detector, was designed. The system uses a leakage-type decision forest to detect privacy leaks in an application. First, based on the idea that applications of the same type behave similarly, a typed leakage database was built. Second, the random forest algorithm was used to turn the leakage database into a leakage-type decision forest, and multi-party voting was used to make the detection results more reasonable, increase reusability, and reduce the workload of analysts. Finally, the system also provides reverse location of leak points, which enriches the concise detection results by retrieving the leakage source and leakage point of each privacy-leaking data flow in the application. Sixty-five weather applications were collected from 15 application markets to build the leakage database and generate the decision forest. A new weather application was then taken as the object under test and checked for privacy leaks with the decision forest. Twelve privacy-leaking data flows were obtained, covering five leakage types: leaking device information over the network, writing device information to a local log, storing the local log in content, sending the local log over the network, and sending files over the network. The corresponding leakage sources and leakage points were found with the reverse-location function. The results show that the system can detect privacy leaks in typed applications with an accuracy of 91.6% and can reverse-locate the leakage sources and leakage points.
The open-source feature of Android brings convenience for both developers and attackers. As a result, there exist lots of attacks, such as user privacy information leaks, remote control attacks, system-breaking attacks, etc. In order to improve the validity and efficiency of privacy leakage detection, an automatic detection system named LeakDetector based on static taint tracking was proposed. In the system, the forest of leakage classification was used to detect the privacy leaks of an application. First of all, LeakDetector constructed some databases of privacy leakages using similar applications. Then Random Forest was used to turn the databases into a forest of leakage classification. The accuracy of the result was improved by a multiple-part voting mechanism. The voting and reusable features of the forest of leakage classification could improve the validity of privacy leakage detection results and reduce the workload of detectors. In addition, LeakDetector provided a function to locate the leak points, which could enrich the concise test results and get the sinks and sources of the privacy leakage data flows in the application. Sixty-five weather apps were collected from five third-party markets to generate leak databases, and a forest of leakage classification was made. When a new testing weather app was input into the forest of leakage classification, twelve warnings classified into five leakage types were obtained. These five leakage types included leaking phone information through the Internet, leaking phone information to a local log, leaking the local log to content, leaking the local log through the Internet and leaking a local file through the Internet. Finally, the locations of the sinks and sources were identified through the reverse-location function. The experimental results showed that LeakDetector could detect privacy leakage from applications with an accuracy rate of 91.6%. Moreover, the reverse-location function could localize the leakage sources and leakage points.
Source
《工程科学与技术》 (Advanced Engineering Sciences)
Indexed in: EI, CAS, CSCD, Peking University Core Journals
2017, Issue 1, pp. 169-175 (7 pages)
Funding
Supported by the National Natural Science Foundation of China (61202353, 61272084, 61602258)