Journal of Zhejiang University (Engineering Science)
Computer Science
Privacy data leakage detection for Android application
JIANG Xu, ZHANG Chang-sheng, DAI Da-meng, RUAN Jing, MU De-jun
1. Department of Automation, Northwestern Polytechnical University, Xi’an 710071, China;
2. Department of Physics and Electronic Information Engineering, Wenzhou University, Wenzhou 325000, China;
3. Wenzhou Vocational and Technical College, Wenzhou 325000, China
Abstract:

A layered detection method based on data-flow analysis over semi-lattice theory is proposed to address privacy data leakage on Android. For applications that have not obtained root privilege, the permissions requested by the application are used to narrow down, at fine granularity, the source functions that generate tainted data and the sink functions that leak privacy data. When source functions and sink functions both exist in the application, data-flow analysis is performed. When the source and sink functions are located in different components, the inter-component communication (ICC) problem is transformed into an inter-procedural distributive environment (IDE) analysis problem. Experimental results show that the method effectively detects privacy data leakage both within a component and between components, with an accuracy of 91.5%. Compared with representative detection tools of the same kind, the detection time is significantly shorter at similar precision and recall.
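The two stages the abstract describes, for the single-component case only (the ICC-to-IDE transformation is not covered), sketched as an added example that is not the authors' implementation. The permission-to-API map is a small constructed sample, and the three-address IR, the function names and the `APP` control-flow graph are hypothetical.

```python
# Added illustration, not the paper's implementation. The permission map is a
# constructed sample and the three-address IR below is hypothetical.
SOURCES = {  # permission -> APIs that yield privacy (tainted) data
    "android.permission.READ_PHONE_STATE": {"TelephonyManager.getDeviceId"},
    "android.permission.ACCESS_FINE_LOCATION": {"LocationManager.getLastKnownLocation"},
}
SINKS = {  # permission -> APIs that can move data off the device
    "android.permission.SEND_SMS": {"SmsManager.sendTextMessage"},
    "android.permission.INTERNET": {"HttpURLConnection.getOutputStream"},
}

def candidates(permissions, called):
    """Stage 1: keep only sources/sinks that are both permitted and called."""
    pick = lambda table: set().union(*(table.get(p, set()) for p in permissions)) & called
    return pick(SOURCES), pick(SINKS)

def transfer(stmts, tainted, src, snk, leaks):
    """Apply one block's statements (dst, api, args) to a taint set."""
    tainted = set(tainted)
    for dst, api, args in stmts:
        dirty = [a for a in args if a in tainted]
        if api in snk and dirty:
            leaks.add((api, tuple(dirty)))
        if dst is not None:  # strong update: overwrite dst's taint status
            (tainted.add if api in src or dirty else tainted.discard)(dst)
    return frozenset(tainted)

def find_leaks(permissions, cfg):
    """Stage 2: forward taint analysis; join is set union, bottom is the empty set."""
    called = {api for stmts, _ in cfg.values() for _, api, _ in stmts if api}
    src, snk = candidates(set(permissions), called)
    if not src or not snk:  # no source/sink pair, so skip data-flow analysis
        return set()
    out, leaks, work = {b: frozenset() for b in cfg}, set(), list(cfg)
    while work:  # worklist iteration to a fixed point
        b = work.pop()
        stmts, succs = cfg[b]
        preds = [out[p] for p, (_, s) in cfg.items() if b in s]
        new = transfer(stmts, frozenset().union(*preds), src, snk, leaks)
        if new != out[b]:
            out[b] = new
            work.extend(succs)
    return leaks

# Constructed sample app: the IMEI reaches an SMS on one branch only.
APP = {
    "entry": ([("imei", "TelephonyManager.getDeviceId", []), ("msg", None, [])], ["then", "join"]),
    "then": ([("msg", None, ["imei"])], ["join"]),
    "join": ([(None, "SmsManager.sendTextMessage", ["msg"])], []),
}
```

Because the join is set union, `msg` is reported at the sink even though only the `then` branch taints it; an app lacking either permission never reaches the fixed-point loop.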

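Published: 2016-12-08
CLC number: TP 309
Funding:

National Natural Science Foundation of China (6130324); Zhejiang Provincial Natural Science Foundation (LY13F020024); Public Welfare Project of the Science and Technology Department of Zhejiang Province (2014C31079).

Corresponding author: MU De-jun, male, professor. ORCID: 0000-0002-2425-6751. E-mail: Mudejun@nwpu.edu.cn
About the author: JIANG Xu (born 1983), male, doctoral candidate, engaged in information security research. ORCID: 0000-0001-5840-5682. E-mail: jiangxu@mail.nwpu.edu.cn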
Cite this article:

JIANG Xu, ZHANG Chang-sheng, DAI Da-meng, RUAN Jing, MU De-jun. Privacy data leakage detection for Android application[J]. Journal of Zhejiang University (Engineering Science), 10.3785/j.issn.1008-973X.2016.12.016.

Link to this article:

http://www.zjujournals.com/eng/CN/10.3785/j.issn.1008-973X.2016.12.016
http://www.zjujournals.com/eng/CN/Y2016/V50/I12/2357
