基于特征匹配的Android应用漏洞分析框架
发布时间:2018-11-11 08:48
【摘要】:Android平台应用数量迅速增长,随之而来的安全问题也日益增多。但现有分析工具大多数只对应用进行简单的扫描,较少涉及深层次的数据流分析,因此某些漏洞无法有效地被发现。该文基于对已有Android应用漏洞特征的归纳,提出一种Android应用漏洞的静态分析框架。从Manifest文件扫描、Smali代码危险函数分析、数据流分析等3个层面归纳了7类主流安全漏洞模式,依此构建了漏洞检测规则,并结合相关静态分析技术对应用进行分析,以发现其中存在的安全漏洞。通过对323个Android应用程序的实验分析,结果表明:该框架的有效检出率在70%以上,误报率在30%以下。因此,该框架能够有效发现Android应用中常见的安全漏洞,提高用户安全性。
[Abstract]:The number of Android platform applications is increasing rapidly, and the security problems are increasing day by day. However, most of the existing analysis tools only scan applications simply, and less involved in deep-level data flow analysis, so some vulnerabilities can not be effectively found. Based on the characteristics of existing Android application vulnerabilities, this paper proposes a static analysis framework for Android application vulnerabilities. From three aspects of Manifest file scanning, Smali code hazard function analysis and data flow analysis, this paper concludes 7 kinds of mainstream security vulnerability patterns, and constructs vulnerability detection rules according to them, and analyzes the application with the relevant static analysis technology. To detect a security flaw in it. The experimental results of 323 Android applications show that the effective detection rate of the framework is more than 70% and the false positive rate is less than 30%. Therefore, the framework can effectively discover common security vulnerabilities in Android applications and improve user security.
【作者单位】: 中国信息安全测评中心;
【基金】:国家自然科学基金资助项目(61272493)
【分类号】:TP316;TP309
[Abstract]:The number of Android platform applications is increasing rapidly, and the security problems are increasing day by day. However, most of the existing analysis tools only scan applications simply, and less involved in deep-level data flow analysis, so some vulnerabilities can not be effectively found. Based on the characteristics of existing Android application vulnerabilities, this paper proposes a static analysis framework for Android application vulnerabilities. From three aspects of Manifest file scanning, Smali code hazard function analysis and data flow analysis, this paper concludes 7 kinds of mainstream security vulnerability patterns, and constructs vulnerability detection rules according to them, and analyzes the application with the relevant static analysis technology. To detect a security flaw in it. The experimental results of 323 Android applications show that the effective detection rate of the framework is more than 70% and the false positive rate is less than 30%. Therefore, the framework can effectively discover common security vulnerabilities in Android applications and improve user security.
【作者单位】: 中国信息安全测评中心;
【基金】:国家自然科学基金资助项目(61272493)
【分类号】:TP316;TP309
【相似文献】
相关期刊论文 前10条
1 林耕宇;;观摩50名Google Android程序开发竞赛作品[J];电子与电脑;2008年08期
2 树子;;Android中文版不完全体验[J];互联网天地;2009年04期
3 Jason Whitmire;;产业软件专家如何协助解决Android的分裂困境[J];电子与电脑;2010年02期
4 蒋彬;;10款Android手机必备应用——Android操作系下的软件评测[J];微电脑世界;2010年04期
5 ;PCWorld Windows Phone 7挑战Android 毅然崛起的AndroidⅠ洗心革面的Windows Phone 7[J];微电脑世界;2010年08期
6 韩青;;Android平台发展的动力与挑战[J];中国电子商情(基础电子);2010年09期
7 方智勇;;Android手机这样用[J];电脑迷;2010年15期
8 缺少浪漫;;Android的另一面[J];电脑迷;2010年13期
9 ;ZTE and Three Release Android ,
本文编号:2324356
本文链接:https://www.wllwen.com/kejilunwen/ruanjiangongchenglunwen/2324356.html