Computer Science (计算机科学) ›› 2019, Vol. 46 ›› Issue (5): 83-91. doi: 10.11896/j.issn.1002-137X.2019.05.013
ZHANG Jing, LI Rui-xuan, TANG Jun-wei, HAN Hong-mu, GU Xi-wu (张婧, 李瑞轩, 汤俊伟, 韩洪木, 辜希武)
Abstract: Third-party libraries are an important component of Android applications; application developers routinely pull in libraries with specific functionality to speed up development. Targeting the collusion risk present in Android third-party libraries, this paper proposes research on collusion behavior detection for Android third-party libraries. An Android third-party library and the application that embeds it belong to different stakeholders, so communication behavior hidden inside a third-party library can be regarded as a special case of application collusion. It can likewise give rise to malicious behaviors such as privilege escalation, component hijacking and performance consumption, which cause excessive system resource consumption and may even lead to security threats. The paper systematically summarizes the results obtained by domestic and foreign researchers in this area in recent years, gives the definition of collusion used in this research, and analyzes the risks and threats that collusion behavior in Android third-party libraries may produce. It then describes in detail the design of the collusion behavior detection scheme for Android third-party libraries. Experiments on the 29 third-party libraries in the test set show that the proposed scheme reaches a precision of 100%, a recall of 89.66% and an F-measure of 0.945; in addition, 1207 downloaded third-party libraries were analyzed, and the resource consumption caused by non-sensitive-information collusion in 41 well-known domestic third-party libraries was verified. Finally, the work is summarized and directions for future research are discussed.
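The abstract treats hidden library-to-library communication as a special case of app collusion, splits it into privilege escalation (sensitive data crossing a permission gap) and non-sensitive collusion (a channel that only costs resources), and scores the detector with precision, recall and F-measure over a labelled test set. The Python script below is an added illustration of that model, not the paper's detection scheme: each library is described by the permissions its host app holds and the implicit-intent actions it sends and receives; cross-app sender/receiver pairs are flagged, classified by whether a sensitive permission gap exists, and scored against a hand-labelled truth set. Library names, intent actions, the sensitive-permission list and the ground-truth labels are all constructed for the example.

```python
"""Toy model of third-party-library collusion over Android implicit intents.

Added illustration with constructed data; NOT the paper's detection scheme.
"""
from dataclasses import dataclass
from itertools import permutations

# Assumption for this example: a flow whose sender holds one of these
# "dangerous" permissions and whose receiver does not is sensitive.
SENSITIVE_PERMISSIONS = frozenset({
    "android.permission.READ_CONTACTS",
    "android.permission.ACCESS_FINE_LOCATION",
    "android.permission.READ_SMS",
})


@dataclass(frozen=True)
class Library:
    """A third-party library as seen from the host app that embeds it."""
    name: str
    host_app: str
    permissions: frozenset   # permissions of the host app, inherited by the lib
    sends: frozenset         # implicit-intent actions the library broadcasts
    receives: frozenset      # actions the library registers a receiver for

    @property
    def ident(self):
        return f"{self.name}@{self.host_app}"


@dataclass(frozen=True)
class Finding:
    sender: str
    receiver: str
    action: str
    kind: str   # "privilege_escalation" or "non_sensitive"


def detect_collusion(libs):
    """Flag library pairs that talk to each other across app boundaries.

    (A -> B) is a collusion candidate when A emits an action that B listens
    for and the two libraries sit in different apps. If A's host holds a
    sensitive permission that B's host lacks, B can obtain data it was never
    granted (privilege escalation); otherwise the channel still burns CPU and
    battery on every delivery (non-sensitive collusion).
    """
    findings = []
    for a, b in permutations(libs, 2):
        if a.host_app == b.host_app:
            continue  # same app, same permission set: not cross-stakeholder
        for action in sorted(a.sends & b.receives):
            gap = (a.permissions - b.permissions) & SENSITIVE_PERMISSIONS
            kind = "privilege_escalation" if gap else "non_sensitive"
            findings.append(Finding(a.ident, b.ident, action, kind))
    return findings


def score(predicted, truth):
    """Precision, recall and F-measure over flagged (sender, receiver) pairs."""
    pred = {(f.sender, f.receiver) for f in predicted}
    tp = len(pred & truth)
    precision = tp / len(pred) if pred else 0.0
    recall = tp / len(truth) if truth else 0.0
    f_measure = (2 * precision * recall / (precision + recall)
                 if precision + recall else 0.0)
    return precision, recall, f_measure


# Constructed sample: four libraries embedded in three apps.
SAMPLE_LIBS = [
    Library("analytics-sdk", "app.mail",
            frozenset({"android.permission.READ_CONTACTS"}),
            frozenset({"com.vendor.SYNC"}), frozenset()),
    Library("ads-sdk", "app.game",
            frozenset({"android.permission.INTERNET"}),
            frozenset(), frozenset({"com.vendor.SYNC"})),
    Library("push-sdk", "app.game",
            frozenset({"android.permission.INTERNET"}),
            frozenset({"com.vendor.HEARTBEAT"}), frozenset()),
    Library("push-sdk", "app.news",
            frozenset({"android.permission.INTERNET"}),
            frozenset(), frozenset({"com.vendor.HEARTBEAT"})),
]

# Constructed labels. The third pair colludes through a shared file on
# external storage, a channel this intent-only model cannot see, so it
# shows up as a missed detection (recall below 100%, precision intact).
GROUND_TRUTH = {
    ("analytics-sdk@app.mail", "ads-sdk@app.game"),
    ("push-sdk@app.game", "push-sdk@app.news"),
    ("cache-sdk@app.mail", "cache-sdk@app.news"),
}


if __name__ == "__main__":
    found = detect_collusion(SAMPLE_LIBS)
    for f in found:
        print(f"{f.kind:21} {f.sender} -> {f.receiver} via {f.action}")
    p, r, fm = score(found, GROUND_TRUTH)
    print(f"precision={p:.4f} recall={r:.4f} F-measure={fm:.4f}")
```

The deliberately unmodelled file-based channel is the point of the scoring step: a detector built on one communication primitive can keep precision at 100% while recall drops, which is the shape of the figures the abstract reports, and any real pipeline should say which channels it covers.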