基于靜態(tài)污點(diǎn)分析的Android應(yīng)用隱私泄露檢測(cè)研究與實(shí)現(xiàn)
發(fā)布時(shí)間:2019-01-05 11:27
【摘要】:近年來(lái),Android智能手機(jī)發(fā)展十分迅速,但是Android系統(tǒng)的開(kāi)源性以及應(yīng)用商城對(duì)新發(fā)布軟件檢查力度的薄弱,導(dǎo)致Android平臺(tái)上的惡意軟件日漸增長(zhǎng),單純依靠病毒分析人員手工處理已經(jīng)無(wú)法滿足海量樣本的要求。在常見(jiàn)的敏感行為中,用戶敏感數(shù)據(jù)泄露尤為突出,輕則造成移動(dòng)設(shè)備編號(hào)的泄露,重則造成賬號(hào)密碼的泄露。因此,論文從APK功能分類和檢測(cè)量化兩個(gè)方向?qū)o態(tài)檢測(cè)進(jìn)行研究,并將研究結(jié)果應(yīng)用于APK文件靜態(tài)檢測(cè)系統(tǒng)的設(shè)計(jì)和實(shí)現(xiàn)。論文總結(jié)靜態(tài)分析的特點(diǎn),結(jié)合靜態(tài)污點(diǎn)傳播技術(shù),將APK文件按照實(shí)際運(yùn)行功能進(jìn)行分類,并根據(jù)分類配置分析過(guò)程中所需要的SOURCE和SINK文件,使靜態(tài)分析更具有針對(duì)性,減少內(nèi)存和時(shí)間消耗。其次,設(shè)計(jì)了敏感值計(jì)算模型。在分類的基礎(chǔ)上,統(tǒng)計(jì)各個(gè)功能分類中待檢測(cè)敏感調(diào)用的使用頻率,并以此為數(shù)據(jù)基礎(chǔ)計(jì)算敏感調(diào)用的敏感值、敏感路徑的敏感值以及APK文件整體的敏感值。最后,在以上兩點(diǎn)理論的基礎(chǔ)上,論文實(shí)現(xiàn)了一個(gè)完整的檢測(cè)系統(tǒng)。為了更有效的提煉出已經(jīng)檢測(cè)到的隱私泄露問(wèn)題,論文設(shè)計(jì)出一套能夠快速定位所被檢測(cè)APK文件特性的報(bào)表。通過(guò)報(bào)表,用戶能夠直觀的看到關(guān)于檢測(cè)到的敏感路徑的描述,以及對(duì)文件敏感性的數(shù)值估計(jì)。系統(tǒng)測(cè)試和分析表明該靜態(tài)檢測(cè)系統(tǒng)提高了檢測(cè)準(zhǔn)確率并降低了檢測(cè)時(shí)間。
[Abstract]:In recent years, Android smartphones have developed very rapidly, but the open source of Android system and the weak check of newly released software by application mall have led to the increasing malware on Android platform. Simply relying on virus analysts manual processing has been unable to meet the requirements of a large number of samples. In the common sensitive behavior, the sensitive data leakage of the user is especially prominent, which causes the leakage of the mobile device number and the password of the account. Therefore, this paper studies static detection from two aspects of APK function classification and quantification, and applies the research results to the design and implementation of APK file static detection system. This paper summarizes the characteristics of static analysis, combines the static stain propagation technology, classifies the APK files according to the actual running function, and according to the SOURCE and SINK files needed in the process of classification and configuration analysis, makes the static analysis more targeted. Reduce memory and time consumption. Secondly, the sensitive value calculation model is designed. On the basis of the classification, the frequency of the sensitive calls to be detected in each functional classification is counted, and the sensitive values of the sensitive calls, the sensitive paths and the whole sensitive values of the APK files are calculated on the basis of the data. Finally, on the basis of the above two theories, a complete detection system is implemented. In order to extract the detected privacy disclosure problem more effectively, this paper designs a set of report forms which can locate the detected APK file characteristics quickly. Through the report, the user can visualize the description of the detected sensitive path and the numerical estimation of the sensitivity of the file. The system test and analysis show that the static detection system improves the detection accuracy and reduces the detection time.
【學(xué)位授予單位】:北京郵電大學(xué)
【學(xué)位級(jí)別】:碩士
【學(xué)位授予年份】:2016
【分類號(hào)】:TP309;TP316
本文編號(hào):2401725
[Abstract]:In recent years, Android smartphones have developed very rapidly, but the open source of Android system and the weak check of newly released software by application mall have led to the increasing malware on Android platform. Simply relying on virus analysts manual processing has been unable to meet the requirements of a large number of samples. In the common sensitive behavior, the sensitive data leakage of the user is especially prominent, which causes the leakage of the mobile device number and the password of the account. Therefore, this paper studies static detection from two aspects of APK function classification and quantification, and applies the research results to the design and implementation of APK file static detection system. This paper summarizes the characteristics of static analysis, combines the static stain propagation technology, classifies the APK files according to the actual running function, and according to the SOURCE and SINK files needed in the process of classification and configuration analysis, makes the static analysis more targeted. Reduce memory and time consumption. Secondly, the sensitive value calculation model is designed. On the basis of the classification, the frequency of the sensitive calls to be detected in each functional classification is counted, and the sensitive values of the sensitive calls, the sensitive paths and the whole sensitive values of the APK files are calculated on the basis of the data. Finally, on the basis of the above two theories, a complete detection system is implemented. In order to extract the detected privacy disclosure problem more effectively, this paper designs a set of report forms which can locate the detected APK file characteristics quickly. Through the report, the user can visualize the description of the detected sensitive path and the numerical estimation of the sensitivity of the file. The system test and analysis show that the static detection system improves the detection accuracy and reduces the detection time.
【學(xué)位授予單位】:北京郵電大學(xué)
【學(xué)位級(jí)別】:碩士
【學(xué)位授予年份】:2016
【分類號(hào)】:TP309;TP316
【參考文獻(xiàn)】
相關(guān)期刊論文 前2條
1 秦中元;徐毓青;梁彪;張群芳;黃杰;;一種Android平臺(tái)惡意軟件靜態(tài)檢測(cè)方法[J];東南大學(xué)學(xué)報(bào)(自然科學(xué)版);2013年06期
2 彭智俊;張?jiān)?楊珉;;用靜態(tài)信息流分析檢測(cè)Android應(yīng)用中的日志隱患[J];小型微型計(jì)算機(jī)系統(tǒng);2013年06期
相關(guān)碩士學(xué)位論文 前1條
1 王舒;基于逆向工程的Android惡意代碼的研究實(shí)現(xiàn)與預(yù)防[D];電子科技大學(xué);2013年
,本文編號(hào):2401725
本文鏈接:http://www.sikaile.net/kejilunwen/ruanjiangongchenglunwen/2401725.html
最近更新
教材專著
