Computer Science ›› 2019, Vol. 46 ›› Issue (5): 83-91.doi: 10.11896/j.issn.1002-137X.2019.05.013

Previous Articles     Next Articles

Collusion Behavior Detection Towards Android Third-party Libraries

ZHANG Jing, LI Rui-xuan, TANG Jun-wei, HAN Hong-mu, GU Xi-wu   

  1. (School of Computer Science and Technology,Huazhong University of Science and Technology,Wuhan 430074,China)
  • Received:2018-10-01 Revised:2018-12-02 Published:2019-05-15

Abstract: Third-party library is an important part of Android applications.Application developers often introduce some third-party libraries with specific functions forrapid development.Concerning the risk of collusion in Android third-party libraries,this paper studied the collusion of Android third-party libraries.Android third-party libraries and applications belong to different interests.Communication behaviors hidden in third-party libraries can be considered as a special case of application collusion,and it will also lead to privilege escalation and component hijacking.Furthermore,these behaviors can cause excessive system consumption,and even trigger security threats.This paper presented a systematic survey of existing research achievements of the domestic and foreign researchers in recent years.First,this paper gave the definition of collusion,and analyzed the risks of the collusion behavior in Android third-party libraries.Then,it pre-sented the design of the Android third-party library collusion behavior detection system in detail.For the 29 third-party libraries in the test set,the experiment shows that the accuracy of this design is 100%,the recall rate is 89.66%,and the F-measure value is 0.945.At the same time,the downloaded 1207 third-party libraries were analyzed.The experiments also verify the resource consumption caused by non-sensitive information collusion behavior of 41 domestic famous third-party libraries.Finally,this paper concluded the work and gave a perspective of the future work.

Key words: Android third-party library, Application collusion, Inter-component communication, Sensitive path

CLC Number: 

  • TP309
[1]China Internet Development Statistics Report[OL].[2018-01-31].http://www.cac.gov.cn/2018-01/31/c_1122347026.htm.
[2]VIENNOT N,GARCIA E,NIEH J.A measurement study of google play[C]∥Proceedings of the 2014 ACM International Conference on Measurement and Modeling of Computer Systems.New York:ACM,2014:221-233.
[3]SEO J,KIM D,CHO D,et al.FLEXDROID:Enforcing In-App Privilege Separation in Android[C]∥Proceedings of the 23th Annual Network & Distributed System Security Symposium.Reston,Virginia:ISOC,2016:1-15.
[4]LI Q,CLARK G.Mobile Security:A Look Ahead[J].IEEE Security & Privacy,2013,11(1):78-81.
[5]ZHANG Z W,LEI L G,WANG Y W.Studying the Implementation and Security of the Permission Mechanism in Android[J].Netinfo Security,2012(8):3-6.(in Chinese)张中文,雷灵光,王跃武.Android Permission机制的实现与安全分析[J].信息网络安全,2012(8):3-6.
[6]BHANDARI S,JABALLAH W B,JAIN V,et al.Android App Collusion Threat and Mitigation Techniques[OL].[2018-05-27].https://arxiv.org/pdf/1611.10076.
[7]LIU B,JIN H X,GOVINDAN R.Efficient Privilege De-Escalation for Ad Libraries in Mobile Apps[C]∥Proceedings of the 13th International Conference on Mobile System,Applications,and Services.New York:ACM,2015:89-103.
[8]WANG J,WU H.Android Inter-App Communication Threats,Solutions,and Challenges[OL].[2018-05-27].https://arxiv.org/pdf/1803.05039.
[9]TAYLOR V F,BERESFORD A R,MARTINOVIC I.Intra-Library Collusion:A Potential Privacy Nightmare on Smartphones[OL].[2018-05-27].https://arxiv.org/pdf/1708.03520.
[10]LI L,ALEXANDRE B,TEGAWENDÉ F,et al.Apkcombiner:Combining multiple android apps to support inter-app analysis[C]∥Proceedings of the 30th ICT Systems Security and Privacy Protection.Berlin:Springer,2015:513-527.
[11]RAVITCH T,CRESWICKE R,TOMB A,et al.Multi-App Security Analysis with FUSE:Statically Detecting Android App Collusion[C]∥Proceedings of the 4th Program Protection and Reverse Engineering Workshop.New York:ACM,2014:1-10.
[12]ZHANG M,YANG L,ZHANG J W.FuzzerAPP:The Robustness Test of Application Component Communication in Android[J].Journal of Computer Research and Development,2017,54(2):338-347.(in Chinese)张密,杨力,张俊伟.FuzzerAPP:Android应用程序组件通信鲁棒性测试[J].计算机研究与发展,2017,54(2):338-347.
[13]BLASCO J,CHEN T M.Automated generation of colludingapps for experimental research[J].Journal of Computer Virology & Hacking Techniques,2018,14(2):127-138.
[14]ASAVOAE I M,BLASCO J,CHEN T M,et al.Towards Automated Android App Collusion Detection[C]∥Proceedings of the 1st International Workshop on Innovations in Mobile Privacy and Security.2016.
[15]WEI F G,ROY S,OU X M,et al.Amandroid:A Precise andGeneral Inter-Component Data Flow Analysis Framework for Security Vetting of Android Apps[C]∥Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security.New York:ACM,2014:1329-1341.
[16]BOSU A,LIU F,YAO D F,et al.Collusive Data Leak andMore:Large-scale Threat Analysis of Inter-app Communications[C]∥Proceedings of the 12th ACM on Asia Conference on Computer and Communications Security.New York:ACM,2017:71-85.
[17]OCTEAU D,LUCHAUPD,DERINGM,et al.Composite con-stant propagation:Application to android intercomponent communication analysis[C]∥Proceedings of the 37th International Confe-rence on Software Engineering (ICSE),2015.
[18]BUGIELS,DAVI L,DMITRIENKO A,et al.Xmandroid:Anew android evolution to mitigate privilege escalation attacks:Technical Report TR-2011-04[R].Technische Universitadt Darmstadt,2011.
[19]FENG H,FAWAZ K,SHIN K G.LinkDroid:Reducing Unregulated Aggregation of App Usage Behaviors[C]∥Proceedings of the 24th USENIX Security Symposium.Berkely,CA:USENIX,2015:769-783.
[20]BACKES M,BUGIEL S,DERR E.Reliable Third-Party LibraryDetection in Android and its Security Applications[C]∥Proceedings of the 23th ACM Conference on Computer and Communications Security.New York:ACM,2016:356-367.
[21]XU M W,MA Y,LIU X Z,et al.AppHolmes:Detecting and Characterizing App Collusion among Third-Party Android Markets[C]∥Proceedings of the 16th International Conference on World Wide Web.Holland:Elsevier,2017.
[1] ZHAO Sai, LIU Hao, WANG Yu-feng, SU Hang, YAN Ji-wei. Fuzz Testing of Android Inter-component Communication [J]. Computer Science, 2020, 47(11A): 303-309.
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!