Android软件广告插件安全性研究及检测系统的实现

发布时间：2018-04-24 03:00

本文选题：广告插件 + 安全分析　；参考：《北京邮电大学》2016年硕士论文

【摘要】：随着移动互联网产业快速发展,Android移动智能终端的普及,移动应用创新不断,移动应用内容已覆盖人们生活的各个方面。用户对移动应用的需求,使得更多开发人员加入应用开发的行列,也使得通过移动应用嵌入广告并通过广告分成获得收益的商业模式大为流行。并且随着移动应用广告的产业规模不断扩大,移动应用广告面临的安全风险凸显。一些移动应用广告存在一些安全性问题,如流量消耗、恶意扣费、隐私窃取等问题,所以很有必要对应用中广告插件的安全性进行分析并对应用中的广告插件进行检测。论文首先对目前的广告插件的研究现状进行总结分析,并从广告插件的安全性和广告插件检测两个方面分别作了分析。针对广告插件的安全分析方面的研究,现阶段主要集中在权限使用、函数调用的分析上,而且许多研究只针对其中某一项进行分析,缺少对广告插件安全性的全面分析。本文则针对广告插件的安全漏洞与风险、用户信息收集、权限使用、及其他不良行为等方面进行了全面的分析。最后根据分析结果,针对广告插件的检测总结提出了一种基于文件词数特征的检测思路。通过调研现有的广告插件检测方法,其中主要包括基于白名单的方式和基于语义分析并结合机器学习的方式,本文在分析这两种方法优缺点的基础上,并结合了安全的分析结果,提出了一种基于反编译数字序列的广告插件检测方法。该方法首先反编译待检测的应用,对反编译获得的每个文件进行词数统计并记录下文件的路径信息,再根据广告包名的形式和路径信息对应用模块进行划分,可获得每个模块的词数序列,并以此为特征借助机器学习的方法实现对广告插件的检测。这些词数序列特征在一定程度上能够避免获取语义特征不足的情况,同时也能解决白名单方法中抗混淆的不足。通过实验对比,结果表明,该特征在检测广告插件方面具有很好的性能,具有更高的准确率。所以根据这种方法设计并实现了针对广告插件检测的系统。最后该系统实现了针对广告插件的精确检测。
[Abstract]:With the rapid development of mobile Internet industry and the popularity of Android mobile intelligent terminals, mobile applications are innovating constantly, and the content of mobile applications has covered all aspects of people's lives. Users' demand for mobile applications makes more developers join the ranks of application development. It also makes the business models which embed advertisements through mobile applications and get profits from advertising become popular. And with the continuous expansion of mobile application advertising industry, mobile application advertising security risks are highlighted. There are some security problems in some mobile application advertisements, such as traffic consumption, malicious charge deduction, privacy theft and so on. Therefore, it is necessary to analyze the security of advertising plug-in in the application and to detect the advertisement plug-in in the application. Firstly, this paper summarizes and analyzes the current research status of advertising plug-in, and analyzes the security of advertising plug-in and the detection of advertising plug-in respectively. The research on the security analysis of advertisement plug-in is mainly focused on the analysis of permission and function call at present, and many researches only focus on one of them, which is lack of comprehensive analysis of the security of advertising plug-in. This paper makes a comprehensive analysis of the security vulnerabilities and risks of advertising plug-ins, user information collection, access to authority, and other bad behavior. Finally, according to the analysis results, a new method based on the feature of file word number is proposed for the detection of advertisement plug-in. By investigating the existing methods of advertising plug-in detection, including whiteling-based approach and semantic analysis combined with machine learning, this paper analyzes the advantages and disadvantages of these two methods. Combined with the result of security analysis, a method of advertisement plug-in detection based on decompiler digital sequence is proposed. The method first decompiled the application to be detected, counted the number of words and recorded the path information of each file, then divided the application modules according to the form and path information of the advertisement package name. The word sequence of each module can be obtained, and based on this feature, the advertisement plug-in can be detected by the method of machine learning. To some extent, these word sequence features can avoid the lack of semantic features and solve the problem of anti-confusion in the whitelist method. The experimental results show that the feature has better performance and higher accuracy in the detection of advertising plug-ins. According to this method, the system of advertisement plug-in detection is designed and implemented. Finally, the system realizes the accurate detection of advertising plug-in.
【学位授予单位】：北京邮电大学
【学位级别】：硕士
【学位授予年份】：2016
【分类号】：TP316;TP309

【参考文献】