摘要
Android应用程序第三方库的大量使用,提高了移动软件的开发效率,同时也带来了新的安全问题。目前的Android系统只提供一种粗粒度的权限控制机制,第三方库会与其所在主应用具有相同的权限,导致第三方库权限过大,对用户隐私造成严重威胁。目前,越来越多的学者开始对第三方库的恶意行为进行研究,取得了一定的成果。通过对恶意第三方库隔离技术的相关背景和已有方案进行综述,分析出现有研究工作中存在的问题,并对未来研究方向进行展望。
The extensive use of third party libraries in Android applications improves the efficiency of mobile software development and brings new security issues. The current Android system only provides a coarse grained permission control mechanism. The third party libraries with its host application have the same permissions,resulting in third party libraries permissions are too large,serious threats to user privacy. At present,more and more scholars began to study the malicious behavior of the third party libraries,and achieved some results. We reviewed the background and existing schemes of malicious third party libraries isolation technology,analyzed the existing problems in the research work,and looked forward to the future research direction.
出处
《计算机应用与软件》
2017年第10期304-309,315,共7页
Computer Applications and Software
基金
十三五网络空间安全专项项目(2016YFB0800102)
