
Security Analysis and Evaluation for the Usage of Settings Mechanism in Android (original title: Android Settings机制应用安全性分析与评估) Cited by: 2
Abstract (translated from the Chinese) The Settings mechanism is the mechanism through which the Android system gives applications access to, and control over, part of the device's global settings; data stored in Settings can be read by every application on the device. In practice, some Android applications and third-party libraries mistakenly write private data such as the IMEI, the BSSID and the geographic location, or key configuration information, into Settings, which exposes the system to serious security risks: leakage of private data, and leakage and pollution of key configuration information. On the basis of analyzing a large number of samples, this paper summarizes the types of private data and key configuration information leaked through Settings, designs data hijacking attacks and denial-of-service attacks against some Android applications and third-party libraries, and thereby verifies and confirms the security risks present in the use of the Settings mechanism. To address this problem, it designs and implements SettingsHunter, a static detection tool for Settings-usage vulnerabilities based on taint analysis. The tool uses taint analysis to automatically detect leakage of private data and key configuration information into Settings by Android applications and third-party libraries; it separates the analysis of third-party libraries from that of the host application, which streamlines the analysis process and improves both analysis efficiency and analysis capability. Applying SettingsHunter to 3477 applications shows that 23.5% of the applications leak private data or configuration information in their use of Settings, and that in 90.7% of those applications the risky Settings-related operations come entirely from third-party libraries. The experimental results show that leakage of private data and key configuration information through Settings is a serious problem, and that it is especially pronounced in third-party libraries.

Abstract (English, as published) Offered by the Android system, Settings is a mechanism used by applications to read and write some global settings of the device. Data stored in Settings can be read by all the applications on the same device. Some Android applications and third-party libraries carelessly put privacy data and important configuration information into Settings, which leads to serious security risks such as privacy leakage and configuration data leakage. In this paper, we make a comprehensive study of the issues mentioned above. By analyzing a large number of applications, we find the privacy data and configuration information leaked to Settings, including IMEI, BSSID and location info, etc. We also successfully undertake some data hijacking attacks and DoS attacks against Android applications and third-party libraries, which confirms that the inappropriate use of Settings can really lead to serious security problems. Based on the above research, we propose SettingsHunter, a static detection tool for Settings issues. SettingsHunter detects privacy data and important configuration information put in Settings using taint analysis technology. In order to improve the efficiency, SettingsHunter separates the analysis of third-party libraries from that of host applications. This separation also improves the analysis ability for third-party libraries.
We use SettingsHunter to analyze 3477 applications, and the result shows that 23.5% of the analyzed applications put privacy data or key configuration information into Settings, of which 90.7% is due to the use of third-party libraries. These applications and third-party libraries may suffer from privacy data leakage or configuration data pollution attacks.
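As an added illustration (not code from the paper or from SettingsHunter), the following Android snippet contrasts the leaky usage the paper describes, a device identifier written into Settings.System where every other package can read it, with the app-private alternative that keeps the value under the app's own UID. The SdkConfig class and all key names are hypothetical.

```java
import android.content.ContentResolver;
import android.content.Context;
import android.content.SharedPreferences;
import android.provider.Settings;

/** Hypothetical SDK configuration helper: leaky vs. app-private storage of a device identifier. */
public final class SdkConfig {
    // Hypothetical key names, used only for illustration.
    private static final String SETTINGS_KEY = "example_sdk_device_id";
    private static final String PREFS_FILE = "example_sdk_prefs";
    private static final String PREFS_KEY = "device_id";

    private SdkConfig() {}

    /**
     * Leaky pattern from the paper: the identifier is written into Settings.System.
     * Writing requires WRITE_SETTINGS, but reading Settings requires no permission at all,
     * so every other app on the device can read this value (privacy leakage) or
     * overwrite it (configuration pollution). A taint-based checker flags the flow
     * from a source such as TelephonyManager.getDeviceId() into this putString sink.
     */
    public static void storeDeviceIdLeaky(Context ctx, String deviceId) {
        ContentResolver resolver = ctx.getContentResolver();
        Settings.System.putString(resolver, SETTINGS_KEY, deviceId);
    }

    /**
     * Hardened pattern: the same value kept in the app's private SharedPreferences,
     * which is stored under the app's own UID and is not visible to other packages.
     */
    public static void storeDeviceIdPrivate(Context ctx, String deviceId) {
        SharedPreferences prefs = ctx.getSharedPreferences(PREFS_FILE, Context.MODE_PRIVATE);
        prefs.edit().putString(PREFS_KEY, deviceId).apply();
    }

    /**
     * Read-back from Settings, the sink side of the risk: returns null when the key is
     * absent, and any non-null value must be treated as untrusted input, because any app
     * on the device may have written it.
     */
    public static String readFromSettings(Context ctx) {
        return Settings.System.getString(ctx.getContentResolver(), SETTINGS_KEY);
    }

    /** Read-back from private storage: only this app can have written the value. */
    public static String readPrivate(Context ctx) {
        return ctx.getSharedPreferences(PREFS_FILE, Context.MODE_PRIVATE)
                  .getString(PREFS_KEY, null);
    }
}
```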
Authors Lu Yemian, Ying Lingyun, Su Purui, Feng Dengguo, Jing Erxia, Gu Yacong (路晔绵, 应凌云, 苏璞睿, 冯登国, 靖二霞, 谷雅聪) (Trusted Computing and Information Assurance)
Source Journal of Computer Research and Development (《计算机研究与发展》), 2016, No. 10, pp. 2248-2261 (14 pages); indexed in EI, CSCD and the Peking University Core Journals list
Funding National "973" Key Basic Research Program of China (2012CB315804); National Natural Science Foundation of China (61502468); National "863" High-Tech Research and Development Program of China (2015AA01603)
Keywords Android applications; third-party libraries; privacy leakage; data pollution; static taint analysis (安卓应用; 第三方库; 隐私泄露; 数据污染; 静态污点分析)