期刊文献+
共找到4篇文章
< 1 >
每页显示 20 50 100
Fine-Grained Binary Analysis Method for Privacy Leakage Detection on the Cloud Platform 被引量:1
1
作者 Jiaye Pan Yi Zhuang +1 位作者 Xinwen Hu Wenbing Zhao 《Computers, Materials & Continua》 SCIE EI 2020年第7期607-622,共16页
Nowadays cloud architecture is widely applied on the internet.New malware aiming at the privacy data stealing or crypto currency mining is threatening the security of cloud platforms.In view of the problems with exist... Nowadays cloud architecture is widely applied on the internet.New malware aiming at the privacy data stealing or crypto currency mining is threatening the security of cloud platforms.In view of the problems with existing application behavior monitoring methods such as coarse-grained analysis,high performance overhead and lack of applicability,this paper proposes a new fine-grained binary program monitoring and analysis method based on multiple system level components,which is used to detect the possible privacy leakage of applications installed on cloud platforms.It can be used online in cloud platform environments for fine-grained automated analysis of target programs,ensuring the stability and continuity of program execution.We combine the external interception and internal instrumentation and design a variety of optimization schemes to further reduce the impact of fine-grained analysis on the performance of target programs,enabling it to be employed in actual environments.The experimental results show that the proposed method is feasible and can achieve the acceptable analysis performance while consuming a small amount of system resources.The optimization schemes can go beyond traditional dynamic instrumentation methods with better analytical performance and can be more applicable to online analysis on cloud platforms. 展开更多
关键词 Cloud platform privacy leakage binary analysis dynamic analysis
下载PDF
A survey of privacy protection techniques for mobile devices 被引量:1
2
作者 ZHANG Lei ZHU Donglai +2 位作者 YANG Zhemin SUN Limin YANG Min 《Journal of Communications and Information Networks》 2016年第4期86-92,共7页
Modern mobile devices provide a wide variety of services.Users are able to access these services for many sensitive tasks relating to their everyday lives(e.g.,finance,home,or contacts).However,these services also pro... Modern mobile devices provide a wide variety of services.Users are able to access these services for many sensitive tasks relating to their everyday lives(e.g.,finance,home,or contacts).However,these services also provide new attack surfaces to attackers.Many efforts have been devoted to protecting mobile users from privacy leakage.In this work,we study state-of-the-art techniques for the detection and protection of privacy leakage and discuss the evolving trends of privacy research. 展开更多
关键词 mobile security privacy leakage privacy protection static analysis dynamic analysis
原文传递
TPII:tracking personally identifiable information via user behaviors in HTTP traffic 被引量:1
3
作者 Yi LIU Tian SONG Lejian LIAO 《Frontiers of Computer Science》 SCIE EI CSCD 2020年第3期175-187,共13页
It is widely common that mobile applications collect non-critical personally identifiable information(PII)from users'devices to the cloud by application service providers(ASPs)in a positive manner to provide preci... It is widely common that mobile applications collect non-critical personally identifiable information(PII)from users'devices to the cloud by application service providers(ASPs)in a positive manner to provide precise and recommending services.Meanwhile,Internet service providers(ISPs)or local network providers also have strong requirements to collect PIIs for finer-grained traffic control and security services.However,it is a challenge to locate PIIs accurately in the massive data of network traffic just like looking a needle in a haystack.In this paper,we address this challenge by presenting an efficient and light-weight approach,namely TPII,which can locate and track PIIs from the HTTP layer rebuilt from raw network traffics.This approach only collects three features from HTTP fields as users'behaviors and then establishes a tree-based decision model to dig PIIs efficiently and accurately.Without any priori knowledge,TPII can identify any types of PIIs from any mobile applications,which has a broad vision of applications.We evaluate the proposed approach on a real dataset collected from a campus network with more than 13k users.The experimental results show that the precision and recall of TPII are 91.72%and 94.51%respectively and a parallel implementation of TPII can achieve 213 million records digging and labelling within one hour,reaching near to support 1Gbps wirespeed inspection in practice.Our approach provides network service providers a practical way to collect PIIs for better services. 展开更多
关键词 network traffic analysis personally identifiable information privacy leakage mobile applications HTTP
原文传递
DroidEcho:an in-depth dissection of malicious behaviors in Android applications 被引量:1
4
作者 Guozhu Meng Ruitao Feng +2 位作者 Guangdong Bai Kai Chen Yang Liu 《Cybersecurity》 2018年第1期126-142,共17页
A precise representation for attacks can benefit the detection of malware in both accuracy and efficiency.However,it is still far from expectation to describe attacks precisely on the Android platform.In addition,new ... A precise representation for attacks can benefit the detection of malware in both accuracy and efficiency.However,it is still far from expectation to describe attacks precisely on the Android platform.In addition,new features on Android,such as communication mechanisms,introduce new challenges and difficulties for attack detection.In this paper,we propose abstract attack models to precisely capture the semantics of various Android attacks,which include the corresponding targets,involved behaviors as well as their execution dependency.Meanwhile,we construct a novel graph-based model called the inter-component communication graph(ICCG)to describe the internal control flows and inter-component communications of applications.The models take into account more communication channel with a maximized preservation of their program logics.With the guidance of the attack models,we propose a static searching approach to detect attacks hidden in ICCG.To reduce false positive rate,we introduce an additional dynamic confirmation step to check whether the detected attacks are false alarms.Experiments show that DROIDECHO can detect attacks in both benchmark and real-world applications effectively and efficiently with a precision of 89.5%. 展开更多
关键词 Semantic attack model Android malware detection Inter-component communication graph privacy leakage
原文传递
上一页 1 下一页 到第
使用帮助 返回顶部