计算机应用与软件Issue(3):297-301,316,6.DOI:10.3969/j.issn.1000-386x.2015.03.070
Android 应用隐私泄露的自动化检测
AUTOMATICALLY DETECTING PRIVACY LEAKS OF ANDROID APPLICATIONS
摘要
Abstract
When Android becomes the smartphone operating system with largest global market share,the malicious applications is booming on its platform.In particular,privacy leak problems in Android applications are getting worsening.With the development of technology,the concealment of privacy leaks in Android applications grows high increasingly,and its detection becomes more and more difficult as well,for instance,using reflection technique to hide the privacy leak operations.Facing such challenge,in this paper we detect and analyse the pseu-do-code of Android applications and propose a new analysis approach for detecting the reflection callings occurring in pseudo-code.Through re-constructing the reflection calling’s arguments and restoring it to the standard calling,we make the reflection calling explicit,so that those privacy leak behaviours which cannot be found and confirmed previously are detected.Based on this work,we design and implement a static detection tool for Android applications privacy leak.At last,the effectiveness of the proposed approach and tool is validated by the experi-ments and analyses on benign applications from Android market and the malicious applications collected from Internet.关键词
反射检测/程序静态分析/污染分析/Android应用Key words
Reflection detection/Program static analysis/Taint analysis/Android application分类
信息技术与安全科学引用本文复制引用
刘涛,唐祝寿,沈备军..Android 应用隐私泄露的自动化检测[J].计算机应用与软件,2015,(3):297-301,316,6.基金项目
信息网络安全公安部重点实验室开放基金课题 ()
