上下文感知的安卓应用程序漏洞检测研究

Research on context-aware Android application vulnerability detection

针对基于学习的安卓应用程序的漏洞检测模型对源程序的特征提取结果欠缺语义信息,且提取的特征化结果包含与漏洞信息无关的噪声数据,导致漏洞检测模型的准确率下降的问题,提出了一种基于代码切片(CIS)的程序特征提取方法。该方法和抽象语法树(AST)特征方法相比可以更加精确地提取和漏洞存在直接关系的变量信息,避免引入过多噪声数据,同时可以体现漏洞的语义信息。利用CIS,基于Bi-LSTM和注意力机制提出了一个上下文感知的安卓应用程序漏洞检测模型VulDGArcher;针对安卓漏洞数据集不易获得的问题,构建了一个包含隐式Intent通信漏洞和Pending Intent权限绕过漏洞的41812个代码片段的数据集,其中漏洞代码片段有16218个。在这个数据集上,VulDGArcher检测准确率可以达到96%,高于基于AST特征和未进行处理的APP源码特征的深度学习漏洞检测模型。

The vulnerability detection model of Android application based on learning lacks semantic features. The extracted features contain noise data unrelated to vulnerabilities, which leads to the false positive of vulnerability detection model. A feature extraction method based on code information slice(CIS) was proposed. Compared with the abstract syntax tree(AST) feature method, the proposed method could extract the variable information directly related to vulnerabilities more accurately and avoid containing too much noise data. It contained semantic information of vulnerabilities.Based on CIS and BI-LSTM with attention mechanism, a context-aware Android application vulnerability detection model VulDGArcher was proposed. For the problem that the Android vulnerability data set was not easy to obtain, a data set containing 41 812 code fragments including the implicit Intent security vulnerability and the bypass PendingIntent permission audit vulnerability was built. There were 16 218 code fragments of vulnerability. On this data set, VulDGArcher’s detection accuracy can reach 96%, which is higher than the deep learning vulnerability detection model based on AST features and APP source code features.