Android应用软件功能泄露漏洞挖掘工具的设计与实现

doi:10.7523/j.issn.2095-6134.2015.01.021

中国科学院大学学报 ›› 2015, Vol. 32 ›› Issue (1): 127-135.DOI: 10.7523/j.issn.2095-6134.2015.01.021

Android应用软件功能泄露漏洞挖掘工具的设计与实现

方喆君, 刘奇旭, 张玉清

中国科学院大学国家计算机网络入侵防范中心, 北京 101408

收稿日期:2014-01-27 修回日期:2014-03-25 发布日期:2015-01-15
通讯作者: 方喆君
基金资助:
国家自然科学基金(61272481,61303239)、北京市自然科学基金 (4122089)、国家发改委信息安全专项(高技[2012]1424)和中国科学院大学校长基金资助

Design and implementation of capability leak detection for Android applications

FANG Zhejun, LIU Qixu, ZHANG Yuqing

National Computer Network Intrusion Protection Center, University of Chinese Academy of Science, Beijing 101408, China

Received:2014-01-27 Revised:2014-03-25 Published:2015-01-15

摘要/Abstract

摘要：

Android平台的功能泄露漏洞会导致权限提升和隐私泄露等严重危害,常被恶意软件用于绕过安全机制.针对这一问题,提出一个基于静态分析的功能泄露漏洞挖掘工具CLDroid.CLDroid使用逆向控制流的程序切片算法从源代码中提取程序逻辑,并利用可定制的安全规则库来检测违规行为.实验结果表明,CLDroid能有效挖掘Android源代码中的功能泄露漏洞,且具有较好的可扩展性.

关键词: 功能泄露漏洞, 静态分析, 程序切片, Android安全

Abstract:

Capability leak vulnerability on Android platform may lead to permission elevation and privacy disclosure, and it is often exploited by malicious applications to bypass Android security mechanism. However, so far there is no approach aiming at Android capability leak detection on the source code level comprehensively. In this paper, we propose a novel approach named CLDroid, which uses backward program slicing to abstract application logic from the Java source code, detects pattern violations based on predefined security rules, and reports the violations as capability leak vulnerability. Results show that our approach is effective in detecting capability leak vulnerability and has better scalability.

Key words: capability leak vulnerability, static analysis, program slicing, Android security

中图分类号:

TP393.08

方喆君, 刘奇旭, 张玉清. Android应用软件功能泄露漏洞挖掘工具的设计与实现[J]. 中国科学院大学学报, 2015, 32(1): 127-135.

FANG Zhejun, LIU Qixu, ZHANG Yuqing. Design and implementation of capability leak detection for Android applications[J]. , 2015, 32(1): 127-135.

参考文献

[1] Gartner. Worldwide smartphone sales in Q₃ 2013[EB/OL]. [2014-1-22]. http://www.gartner.com/newsroom/id/2623415.

[2] AppBrain. Number of available Android applications[EB/OL]. [2014-1-22]. http://www.appbrain.com/stats/.

[3] Roman Unuchek. Obad.a trojan now being distributed via mobile botnets[EB/OL]. [2014-01-22]. http://www.securelist.com/en/blog/8131/Obad_a_Trojan_now_being_distributed_via_mobile_botnets

[4] Chinese 3C Products Sales Promotion. Android, KungFu series variants depth analysis and complete clean-up methods[EB/OL]. [2014-01-22]. http://www.aicuxiao.org/2012/01/17/20403.html

[5] Jiang X X. Smishing vulnerability in multiple Android platforms (including gingerbread, ice cream sandwich, and jelly bean)[EB/OL]. [2014-01-22]. http://www.csc.ncsu.edu/faculty/jiang/smishing.html.

[6] Grace M, Zhou Y, Wang Z, et al. Systematic detection of capability leaks in stock Android smartphones[C]//Proceedings of the 19th Annual Symposium on Network and Distributed System Security. 2012.

[7] Chan P P F, Hui L C K, Yiu S M. Droidchecker: analyzing Android applications for capability leak[C]//Proceedings of the Fifth ACM Conference on Security and Privacy in Wireless and Mobile Networks. ACM, 2012: 125-136.

[8] Davi L, Dmitrienko A, Sadeghi A R, et al. Privilege escalation attacks on Android[C]//Information Security. Springer Berlin Heidelberg, 2011: 346-360.

[9] Felt A P, Wang H J, Moshchuk A, et al. Permission re-delegation: attacks and defenses[C]//USENIX Security Symposium. 2011.

[10] Enck W, Octeau D, McDaniel P, et al. A study of Android application security[C]//USENIX Security Symposium. 2011.

[11] Enck W, Gilbert P, Chun B G, et al. TaintDroid: An information-flow tracking system for realtime privacy monitoring on smartphones[C]//OSDI. 2010, 10: 255-270.

[12] Gibler C, Crussell J, Erickson J, et al. AndroidLeaks: automatically detecting potential privacy leaks in Android applications on a large scale[C]//Trust and Trustworthy Computing. Springer Berlin Heidelberg, 2012: 291-307.

[13] Kim J, Yoon Y, Yi K, et al. ScanDal: Static analyzer for detecting privacy leaks in Android applications[C]//Proceedings of the Workshop on Mobile Security Technologies (MoST), in Conjunction with the IEEE Symposium on Security and Privacy. 2012.

[14] Yang Z, Yang M, Zhang Y, et al. Appintent: Analyzing sensitive data transmission in Android for privacy leakage detection[C]//Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security. ACM, 2013: 1043-1054.

[15] Felt A P, Chin E, Hanna S, et al. Android permissions demystified[C]//Proceedings of the 18th ACM Conference on Computer and Communications Security. ACM, 2011: 627-638.

[16] Egele M, Brumley D, Fratantonio Y, et al. An empirical study of cryptographic misuse in Android applications[C]//Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security. ACM, 2013: 73-84.

[17] Fuchs A P, Chaudhuri A, Foster J S. SCanDroid: automated security certification of Android applications[EB/OL]. [2014-01-22]. http://www. cs. umd. edu/~avik/projects/scandroidascaa.

[18] Enck W, Ongtang M, McDaniel P. On lightweight mobile phone application certification[C]//Proceedings of the 16th ACM Conference on Computer and Communications Security. ACM, 2009: 235-245.

[19] Mustafa T, Sohr K. Understanding the implemented access control policy of Android system services with slicing and extended static checking[EB/OL]. [2014-01-22]. http://www.informatik.uni-bremen.de/~sohr/papers/Report.pdf.

[20] Berger B J, Sohr K, Koschke R. Extracting and analyzing the implemented security architecture of business applications[C]//Software Maintenance and Reengineering (CSMR), 2013 17th European Conference on. IEEE, 2013: 285-294.

[21] Weiser M. Program slicing[C]//Proceedings of the 5th lnternational Conference on Software Engineering. IEEE Press, 1981: 439-449.

[22] Enck W, Ongtang M, McDaniel P. Understanding Android security[J]. Security & Privacy, IEEE, 2009, 7(1): 50-57.

[23] Jesse Burns. Developing secure mobile applications for Android [EB/OL]. [2014-01-22]. https://www.isecpartners.com/media/11991/isec_securing_android_apps.pdf.

[24] Jgesser. Javaparser: a Java 1.5 parser with AST generation and visitor support[EB/OL]. [2014-01-22]. https://code.google.com/p/javaparser/.

[25] Android Open Source Project. Application fundamentals[EB/OL]. [2014-01-22]. http://developer.android.com/guide/components/fundamentals.html

[26] Fang Z, Zhang Y, Kong Y, et al. Static detection of logic vulnerabilities in Java web applications[J/OL]. Security and Communication Networks, 2013. doi: 10.1002/sec.747, http://onlinelibrary.wiley.com/doi/10.1002/sec.747/abstract.

Android应用软件功能泄露漏洞挖掘工具的设计与实现

Design and implementation of capability leak detection for Android applications

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 3

编辑推荐

Metrics

本文评价

访问统计

联系我们

[1]	叶延玲, 傅晓彤, 张玉清, 乐洪舟. 一种自动化的Android应用定向行为测试方法[J]. 中国科学院大学学报, 2018, 35(3): 409-416.
[2]	王嘉捷, 蒋凡, 张涛. 一种多重循环程序内存访问越界检测方法[J]. 中国科学院大学学报, 2010, 27(1): 117-126.
[3]	王祥根, 司端锋, 冯登国, 苏璞睿. 一种基于自修改代码技术的软件保护方法[J]. 中国科学院大学学报, 2009, 26(5): 688-694.