计算机应用研究2018,Vol.35Issue(3):916-921,6.DOI:10.3969/j.issn.1001-3695.2018.03.058
基于Dalvik寄存器污点分析的Android漏洞检测方法
Android vulnerability detection method based on Dalvik register taint analysis
摘要
Abstract
To prevent the vulnerabilities in Android applications from being exploited by attackers,this paper proposed an Android vulnerability detection method based on Dalvik register taint analysis.Firstly,it performed pre-analysis on the target Android application to obtain the basic information and construced the function call graph.Secondly,with the specific Dalvik register as the taint,it performed the forward analysis as well as backward analysis.Finally,the script executor connected the pre-analysis module,taint analysis module and vulnerability detection scripts to provide the function of vulnerability detection.It presented a prototype of this method,AndroDetector,and performed a contrast experiment to validate its effectiveness.The experiment shows that this method has wider range and higher accuracy of Android vulnerability detection.关键词
移动安全/漏洞检测/静态分析/污点分析Key words
mobile security/vulnerability detection/static analysis/taint analysis分类
信息技术与安全科学引用本文复制引用
靖二霞,应凌云,路晔绵,苏璞睿..基于Dalvik寄存器污点分析的Android漏洞检测方法[J].计算机应用研究,2018,35(3):916-921,6.基金项目
国家自然科学基金资助项目(61502468) (61502468)
国家“863”计划资助项目(2015AA01603) (2015AA01603)
北京市自然科学基金资助项目(4154089) (4154089)
