Method for detecting malicious application disclosing Android data

A data leakage and malicious application technology, applied in the direction of electronic digital data processing, computer security devices, instruments, etc., can solve the problems of large time consumption, inability to apply market-scale detection, and impractical use of mobile terminals, etc., to achieve the goal of shortening the time Effect

Inactive Publication Date: 2015-04-08
PLA UNIV OF SCI & TECH
View PDF8 Cites 17 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

But it consumes a lot of time, because symbolic execution needs to obtain the condition variable values ​​of all branch statements in all leaked data code paths, and then execute them one by one
According to the paper, the average time to detect a single application is about 3.3 minutes, which makes it very impractical to use on the mobile side, and it cannot be applied to market-scale detection

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for detecting malicious application disclosing Android data
  • Method for detecting malicious application disclosing Android data
  • Method for detecting malicious application disclosing Android data

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0040] The following will combine an actual Android malicious application example, apply the system of the present invention to it, and elaborate on the core part, that is, the sensitive function screening part, including detailed implementation and specific operation process. The protection scope of the present invention includes but not limited to the following examples.

[0041] This embodiment is an example of an Android malicious application found in the market, and the application extension is DroidKungFu.apk. According to the detection of the market size, the app was determined to contain malicious software that illegally steals users' private information. After decompilation, we conducted a manual code review on it, which is shown under the core malicious code.

[0042]

[0043] Mainly, the variable mImei represents the string variable that the user stores the IMEI serial number of the mobile phone, and the doSearchReport() function calls two functions, updateInfo(...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for detecting a malicious application disclosing Android data. The method comprises the steps of acquiring a function call graph; building a privacy data reading function set and a privacy data sending function set; traversing the function call graph; detecting whether privacy disclosure occurs in a node which directly or indirectly communicates with the node corresponding to the privacy data reading function in the function call graph so as to determine whether the application is the malicious application disclosing Android data. The method has the advantages that the operation of performing program analysis from top to bottom in a large amount of access points of the Android application can be saved, so that the time is reduced and the efficiency is raised.

Description

technical field [0001] The present invention relates to a malicious application detection method, in particular to a malicious application detection method for Android data leakage. Background technique [0002] Today's Android market, including the official Google Play and some secondary markets, contains a large number of malicious applications. After investigation, quite a few malicious software can steal users' private data, including mobile phone's mobile device international identity code IMEI, phone number, SMS, location and so on. These data leaks will pose a certain threat to the privacy and security of users, and some anti-virus software has been born in the market for this reason. The earliest detection method is based on the analysis of permissions. Since the Android application will remind the user which permissions the application will use when it is installed, the user can decide whether to install it according to the permissions it uses. However, the detect...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/56
CPCG06F21/563G06F2221/033
Inventor 张涛陈融赵敏王金双袁志坚
Owner PLA UNIV OF SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap