摘要
Android组件间通信为应用程序带来了便利性的同时也增加了安全隐患,可能导致多个应用程序协作进行共谋攻击.针对该问题,提出一种形式化的方法对Andriod应用程序的组件间通信行为进行建模和检测.通过组件级的数据流分析,为每个组件生成组件数据流图.通过跟踪和分析跨组件边界的数据流找到ICC调用者和ICC被调者.基于Pi演算为组件数据流图进行形式化映射,建立了Android应用程序的行为模型.基于该行为模型,通过分析Intent的异常对基于通信的攻击进行检测.最后,分析和实验了该方法的检测效率,并和相关方法进行了对比,并通过对57个Android Apps的分析和检测,部分的验证了该方法的有效性.
The android operating system provides a rich inter-component communication ( ICC ) method to bring enormous conven-ience. However, the android ICC also increases security risks. To address this problem, a formal method is proposed which can modeland detecte inter-component communication behavior in android applications. Firstly, we generate data flow graphs for each componentby component-level data flow analysis. Secondly, we find out the ICC Caller and Callee by tracking and analyzing data flow acrosscomponent boundaries. Thirdly ,based on Pi calculus, we give a formal mapping method for component data flow graph, and constructthe behavior model of Android applications. Then component hijacking attacks are detected by analyzing the intent abnormity. Finally,we analyze the detection efficiency ,and compare with the relevant methods. Through analyzing fifty-seven applications in real-worldpartly verify the effectiveness of the proposed method.
出处
《小型微型计算机系统》
CSCD
北大核心
2018年第1期166-172,共7页
Journal of Chinese Computer Systems
基金
河北省自然科学基金项目(F2016203290)资助
国家自然科学基金项目(61272125)资助
教育部高等学校博士学科点专项科研基金项目(20121333110014)资助
河北省高等学校科学技术研究项目(QN2016073)资助
