| Computer Technology |
|
|
|
|
| Privacy data leakage detection for Android application |
| JIANG Xu, ZHANG Chang sheng, DAI Da meng, RUAN Jing, MU De jun |
1. Department of Automation, Northwestern Polytechnical University, Xi’an 710071, China;
2. Department of Physics and Electronic Information Engineering, Wenzhou University, Wenzhou 325000, China;
3. Wenzhou Vocational and Technical College, Wenzhou 325000, China |
|
|
|
Abstract A multi-level detection method based on semi-lattice data flow analysis was proposed in order to solve the problem of Android privacy data leakage. For the applications without root privilege, the fine-grained range of source functions was determined that generated privacy data and sink functions that leaked them, according to the permissions for the application. If the source functions and the sink functions existed in the same application, the detection system began to analyze data flow. When the two kinds of functions located in different components, the method could transform inter-component communication (ICC) problem into inter-procedural distributive environment (IDE) problem. Results show that the proposed method can detect the privacy data leakage not only for communication in the same component, but also for communication between different components. The accuracy of the proposed method reaches 91.5%, which can significantly save detection time compared with other state-of-the-art methods under the condition of similar precision and recall rate.
|
|
Published: 08 December 2016
|
|
|
Android应用程序隐私数据泄露检测
针对安卓(Android)系统的隐私数据泄露问题,提出基于半格理论数据流分析的分层架构检测方法.对未获取Root权限的应用程序,根据应用程序申请的权限信息,细粒度地锁定产生污点数据的源函数和泄露隐私数据的锚函数范围.当源函数和锚函数同时存在于应用程序时,进行数据流分析.当源函数和锚函数位于不同组件时,将组件间通讯(ICC)问题转换为IDE分析问题.实验结果表明,该方法能够有效地检测出应用程序组件内或组件间的隐私数据泄露,正确率达到91.5%|与同类具有代表性的检测工具相比,在准确率和召回率接近的情况下,所提出方法的检测时间明显缩短.
|
|
| [1] 吴泽智,陈性元,杨智,等.安卓隐私安全研究发展[J].计算机应用研究,2014,31(8):2241-2246.
WU Zezhi, CHEN Xingyuan, YANG Zhi, et al. Survey on privacy security for Android [J]. Application Research of Computers, 2014, 31(8): 2241-2246.
[2] LU L, LI Z C, WU Z Y, et al.Chex: statically vetting android apps for component hijacking vulnerabilities [C] ∥ Proceedings of ACM Conference on Computer and Communications Security. New York: ACM, 2012:229-240.
[3] CHAN P P F, HUI L C K, YIU S M.DroidChecker: analyzing android applications for capability leak [C] ∥ Proceedings of the Fifth ACM Conference on Security and Privacy in Wireless and Mobile Networks. New York: ACM,2012: 125-136.
[4] ARZT S, RASTHOFER S, BODDEN E, et al. Flowdroid: precise context, flow, field, object-sensitive and lifecycleaware taint analysis or android apps [C] ∥ Proceedings of the 35th Annual ACM SIGPLAN Conference on Programming Language Design and Impleme-ntation. Edinburgh: ACM, 2014, 49(6): 259-269.
[5] 王兆国,李城龙,张洛什,等.一种基于行为链的Android应用隐私窃取检测方法[J].电子学报,2015,43(9): 1750-1755.
WANG Zhaoguo, LI Chenglong, ZHANG Luoshi,et al. A privacy stealing detection method based on behavior-chain for android application [J]. Acta Electronica Sinica, 2015, 43(9): 1750-1755.
[6] OCTEAU D, MCDANIEL P, JHA S, et al. Effective intercomponent communication mapping in Android with epic: an essential step towards holistic securityanalysis [C] ∥ Proceedings of the 22nd USENIX Conference on Security. Berkeley: ACM, 2013: 543-558.
[7] LI L, BARTEL A, BISSYANDE T F, et al. ICCTA: Detecting intercomponent privacy leaks in Android Apps [C] ∥ Proceedings of the 37th International Conference on Software Engineering. Florence: IEEE, 2015: 280-291.
[8] DENNING D E, DENNING P J. Certification of programs for secure information flow \[J\]. Communications of the ACM, 2015, 47(20): 504-513.
[9] 万志远,周波.基于静态信息流跟踪的输入验证漏洞检测方法[J].浙江大学学报:工学版, 2015, 49(4): 683-691.
WAN Zhiyuan, ZHOU Bo.Static information flow tracking based approach to detect input validation vulnerabilities [J]. Journal of Zhejiang University: Engineering Science, 2015, 49(4): 683-691.
[10] GULWANI S, NECULA G C. Precise interprocedural analysis using random interpretation [J]. ACM Sigplan Notices, 2015, 40(1): 324-337.
[11] 方捷.格论导引[M].北京:高等教育出版社,2014: 12-14.
[12] 倪程,李志蜀.基于数据流的Java字节码分析[J].微计算机信息,2009,25(12): 231-232.
NI Cheng, LI Zhishu. Analysis on Java bytecode based on data flow \[J\]. Microcomputer Information, 2009, 25(12): 231-232.
[13] OCTEAU D, JHA S, MCDANIEL P. Retargeting Android applications to java bytecode [C] ∥ Proceedings of the 20th ACM SIGSOFT International Symposium on the Foundations of Software Engineering, New York: ACM, 2012: 6.
[14] OCTEAU D, LUCHAUP D, DERING M, et al.Composite constant propagation: application to android intercomponent communication analysis [C] ∥ Proceedings ofthe ACM SIGSOFT 37th International Conference on Software Engineering. Florence: IEEE, 2015: 77-88.
[15] 刑晓燕,金洪颖,田敏. Android系统Root权限获取与检测 [J] .软件,2013, 34(12): 208-210.
XING Xiaoyan, JIN Hongying, TIAN Min. Android system root access and detection [J]. Computer Engineering and Software, 2013,34(12): 208-210.
[16] ZHOU Y,JIANG X. Dissecting Android malware: characterization and evolution [C] ∥ Proceedings of IEEE Symposium on Security and Privacy. Oakland: IEEE, 2012: 95109.
[17] RASTHOFER S, ARZT S, BODDEN E. A machinelearning approach for classifying and categorizing Android sources and sinks [C] ∥ Proceedings of 2014 Network and Distributed System Security Symposium. San Diego: SIG, 2014: 115.
[18] 刘涛,唐祝寿,沈备军.Android应用隐私泄露的自动化检测[J].计算机应用与软件,2015,32(3): 297-316.
LIU Tao, TANG Zhushou, SHEN Beijun.Automatically detection privacy leaks of Android applications [J].Computer Applications and Software, 2015, 32(3): 297-316.
[19] WEI F,ROY S,OU X, et al.Amandroid: a precise and genenal intercomponent data flow analysis framework for security vetting of android apps [C] ∥ Proceedings of the ACM Conference on Computer and Communications Security. Scottsdale: ACM, 2014: 1329-1341. |
|
Viewed |
|
|
|
Full text
|
|
|
|
|
Abstract
|
|
|
|
|
Cited |
|
|
|
|
| |
Shared |
|
|
|
|
| |
Discussed |
|
|
|
|
