An Anti-Phishing Solution for the Android Platform
Published: 2018-10-31 15:55
[Abstract]: Since the start of the twenty-first century, mobile terminals have developed very rapidly as an emerging class of device, and the advent of smart terminals in particular has greatly facilitated people's daily lives. With the gradual spread of 3G and 4G networks and the growth in network bandwidth, starting with the release of the iPhone and marked by the popularity of the Android system, the wide variety of applications on smartphones announced the arrival of the mobile Internet era. However, as mobile applications, and mobile payment in particular, have become widespread, security problems on the Android platform have become increasingly apparent. Phones store large amounts of data from people's daily lives, such as contacts, SMS messages, application data and daily behavior. As mobile applications continue to spread, the accompanying data security problems are becoming more prominent. With this private data as the target, phishing attacks against social and payment applications on the Android platform are increasing year by year; the resulting theft of users' private data, especially finance-related data, leads to information leakage or property loss, with very serious consequences. This thesis analyzes the basic principles of phishing attacks against the Android platform and identifies the underlying reasons why security software on Android cannot recognize such attacks and why they cannot be intercepted at the application layer. Based on the two forms of phishing attack, it designs an anti-phishing scheme: for repackaging attacks, an on-device APK detection module that checks whether an application file has been repackaged; for phishing based on background monitoring, a phishing-attack monitoring and interception module added to AMS (Activity Manager Service) in the framework layer, based on Android 4.4. A phishing application was also written and used for attack tests on systems of different phone models; the test data show that a system with the monitoring and interception module added can effectively intercept the phishing application's attacks. The APK detection module was tested with repackaged applications made available for study and research on major security forums, and the results show that it can effectively detect repackaged applications.
[Degree-granting institution]: Xidian University
[Degree level]: Master's
[Year degree granted]: 2014
[Classification number]: TP393.08
Article ID: 2302774
Article link: https://www.wllwen.com/guanlilunwen/ydhl/2302774.html