Abstract
To address the problems of the Android permission mechanism and the shortcomings of traditional application risk-level assessment methods, a permission-based risk assessment method for Android applications is proposed. First, the system permissions declared by the application, the permissions found by static analysis, and the custom permissions are extracted by reverse-engineering the application, and the permissions actually used while the application executes are obtained by dynamic detection. Then, a quantitative risk assessment of the application is carried out from three aspects: permission combinations with malicious tendencies, the "over-privilege" problem, and custom permissions. Finally, the Analytic Hierarchy Process (AHP) is used to compute the weights of these three aspects and to evaluate the application's risk value. A custom-permission dataset and a dataset of permission combinations with malicious tendencies were built by training on 6 245 software samples. Experimental results show that, compared with Androguard, the proposed method evaluates the risk value of application software more accurately.
Focusing on the problems existing in the Android permission mechanism and the poor capability of traditional measurement methods for Android software security, a risk assessment method for Android apps based on permissions was proposed. Firstly, the system permissions declared by the application, the permissions obtained through static analysis, and the custom permissions were extracted by reverse-engineering analysis of the application. At the same time, the permissions used while executing the application were extracted through dynamic detection. Secondly, a quantitative risk assessment of applications was performed from three aspects: permission combinations hiding malicious intent, the "over-privilege" problem, and custom permission vulnerability. Finally, the Analytic Hierarchy Process (AHP) evaluation model was adopted to calculate the weights of the three aspects above for estimating the risk value of an application. In addition, a custom permission dataset and a dataset of permission combinations hiding malicious intent were built by training on 6 245 software samples collected from an application store and VirusShare. The experimental results show that the proposed method can assess the risk value of application software more accurately compared with Androguard.
Authors
卜同同 (BU Tongtong)
曹天杰 (CAO Tianjie)
School of Computer Science and Technology, China University of Mining and Technology, Xuzhou, Jiangsu 221116, China
Source
Journal of Computer Applications (《计算机应用》)
Indexed in: CSCD; Peking University Core Journal (北大核心)
2019, No. 1, pp. 131-135 (5 pages)
Funding
National Natural Science Foundation of China (61303263)
Keywords
Android security; risk assessment; application permission; quantitative assessment; static analysis; dynamic detection