计算机科学 |
|
|
|
|
Android应用程序隐私数据泄露检测 |
蒋煦, 张长胜, 戴大蒙, 阮婧, 慕德俊 |
1.西北工业大学 自动化学院,陕西 西安 710071
2.温州大学 物理与电子信息工程学院,浙江 温州 325000
3.温州职业技术学院,浙江 温州 325000 |
|
Privacy data leakage detection for Android application |
JIANG Xu, ZHANG Chang sheng, DAI Da meng, RUAN Jing, MU De jun |
1. Department of Automation, Northwestern Polytechnical University, Xi’an 710071, China;
2. Department of Physics and Electronic Information Engineering, Wenzhou University, Wenzhou 325000, China;
3. Wenzhou Vocational and Technical College, Wenzhou 325000, China |
引用本文:
蒋煦, 张长胜, 戴大蒙, 阮婧, 慕德俊. Android应用程序隐私数据泄露检测[J]. 浙江大学学报(工学版), 10.3785/j.issn.1008-973X.2016.12.016.
JIANG Xu, ZHANG Chang sheng, DAI Da meng, RUAN Jing, MU De jun. Privacy data leakage detection for Android application. JOURNAL OF ZHEJIANG UNIVERSITY (ENGINEERING SCIENCE), 10.3785/j.issn.1008-973X.2016.12.016.
链接本文:
http://www.zjujournals.com/eng/CN/10.3785/j.issn.1008-973X.2016.12.016
或
http://www.zjujournals.com/eng/CN/Y2016/V50/I12/2357
|
[1] 吴泽智,陈性元,杨智,等.安卓隐私安全研究发展[J].计算机应用研究,2014,31(8):2241-2246.
WU Zezhi, CHEN Xingyuan, YANG Zhi, et al. Survey on privacy security for Android [J]. Application Research of Computers, 2014, 31(8): 2241-2246.
[2] LU L, LI Z C, WU Z Y, et al.Chex: statically vetting android apps for component hijacking vulnerabilities [C] ∥ Proceedings of ACM Conference on Computer and Communications Security. New York: ACM, 2012:229-240.
[3] CHAN P P F, HUI L C K, YIU S M.DroidChecker: analyzing android applications for capability leak [C] ∥ Proceedings of the Fifth ACM Conference on Security and Privacy in Wireless and Mobile Networks. New York: ACM,2012: 125-136.
[4] ARZT S, RASTHOFER S, BODDEN E, et al. Flowdroid: precise context, flow, field, object-sensitive and lifecycleaware taint analysis or android apps [C] ∥ Proceedings of the 35th Annual ACM SIGPLAN Conference on Programming Language Design and Impleme-ntation. Edinburgh: ACM, 2014, 49(6): 259-269.
[5] 王兆国,李城龙,张洛什,等.一种基于行为链的Android应用隐私窃取检测方法[J].电子学报,2015,43(9): 1750-1755.
WANG Zhaoguo, LI Chenglong, ZHANG Luoshi,et al. A privacy stealing detection method based on behavior-chain for android application [J]. Acta Electronica Sinica, 2015, 43(9): 1750-1755.
[6] OCTEAU D, MCDANIEL P, JHA S, et al. Effective intercomponent communication mapping in Android with epic: an essential step towards holistic securityanalysis [C] ∥ Proceedings of the 22nd USENIX Conference on Security. Berkeley: ACM, 2013: 543-558.
[7] LI L, BARTEL A, BISSYANDE T F, et al. ICCTA: Detecting intercomponent privacy leaks in Android Apps [C] ∥ Proceedings of the 37th International Conference on Software Engineering. Florence: IEEE, 2015: 280-291.
[8] DENNING D E, DENNING P J. Certification of programs for secure information flow \[J\]. Communications of the ACM, 2015, 47(20): 504-513.
[9] 万志远,周波.基于静态信息流跟踪的输入验证漏洞检测方法[J].浙江大学学报:工学版, 2015, 49(4): 683-691.
WAN Zhiyuan, ZHOU Bo.Static information flow tracking based approach to detect input validation vulnerabilities [J]. Journal of Zhejiang University: Engineering Science, 2015, 49(4): 683-691.
[10] GULWANI S, NECULA G C. Precise interprocedural analysis using random interpretation [J]. ACM Sigplan Notices, 2015, 40(1): 324-337.
[11] 方捷.格论导引[M].北京:高等教育出版社,2014: 12-14.
[12] 倪程,李志蜀.基于数据流的Java字节码分析[J].微计算机信息,2009,25(12): 231-232.
NI Cheng, LI Zhishu. Analysis on Java bytecode based on data flow \[J\]. Microcomputer Information, 2009, 25(12): 231-232.
[13] OCTEAU D, JHA S, MCDANIEL P. Retargeting Android applications to java bytecode [C] ∥ Proceedings of the 20th ACM SIGSOFT International Symposium on the Foundations of Software Engineering, New York: ACM, 2012: 6.
[14] OCTEAU D, LUCHAUP D, DERING M, et al.Composite constant propagation: application to android intercomponent communication analysis [C] ∥ Proceedings ofthe ACM SIGSOFT 37th International Conference on Software Engineering. Florence: IEEE, 2015: 77-88.
[15] 刑晓燕,金洪颖,田敏. Android系统Root权限获取与检测 [J] .软件,2013, 34(12): 208-210.
XING Xiaoyan, JIN Hongying, TIAN Min. Android system root access and detection [J]. Computer Engineering and Software, 2013,34(12): 208-210.
[16] ZHOU Y,JIANG X. Dissecting Android malware: characterization and evolution [C] ∥ Proceedings of IEEE Symposium on Security and Privacy. Oakland: IEEE, 2012: 95109.
[17] RASTHOFER S, ARZT S, BODDEN E. A machinelearning approach for classifying and categorizing Android sources and sinks [C] ∥ Proceedings of 2014 Network and Distributed System Security Symposium. San Diego: SIG, 2014: 115.
[18] 刘涛,唐祝寿,沈备军.Android应用隐私泄露的自动化检测[J].计算机应用与软件,2015,32(3): 297-316.
LIU Tao, TANG Zhushou, SHEN Beijun.Automatically detection privacy leaks of Android applications [J].Computer Applications and Software, 2015, 32(3): 297-316.
[19] WEI F,ROY S,OU X, et al.Amandroid: a precise and genenal intercomponent data flow analysis framework for security vetting of android apps [C] ∥ Proceedings of the ACM Conference on Computer and Communications Security. Scottsdale: ACM, 2014: 1329-1341. |
|
Viewed |
|
|
|
Full text
|
|
|
|
|
Abstract
|
|
|
|
|
Cited |
|
|
|
|
|
Shared |
|
|
|
|
|
Discussed |
|
|
|
|