An android-based covert channel attack audit and detection method

A covert channel and auditing message technology, applied in the direction of platform integrity maintenance, etc., can solve problems such as negative impact of applications, limiting the use of system shared resources, and damaging the availability of shared resources, achieving high tolerance, good scalability, and improved The effect of audit accuracy

Active Publication Date: 2017-12-29
HUAZHONG UNIV OF SCI & TECH
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, such solutions limit the use of system shared resources, damage the availability of shared resources, and cause unnecessary negative effects on the normal operation of applications.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • An android-based covert channel attack audit and detection method
  • An android-based covert channel attack audit and detection method
  • An android-based covert channel attack audit and detection method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0021] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention. In addition, the technical features involved in the various embodiments of the present invention described below can be combined with each other as long as they do not constitute a conflict with each other.

[0022] figure 1 Shown is a schematic diagram of the application environment of the Android-based covert channel attack auditing and detection method of the present invention. The user first defines the covert channel that needs to be audited. In the embodiment of the present invention, the covert channel is defined as a tuple composed of system shared resources and corresponding modification op...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an Android-based covert channel attack audit and detection method, belonging to the technical field of computer system security. The present invention comprises the following steps: (1) customizing the target covert channel according to the form of "shared resource-operating primitive"; (2) parsing the defined covert channel into relevant java layer api hook functions and kernel layer audit rules; (3) According to the application permissions for accessing shared resources, and according to the information delivered by the kernel audit module and the java layer hook function at runtime, dynamically audit the operating characteristics of the target shared resources between applications; (4) when the audit value exceeds When the threshold is reached, the shared resource state interference module is invoked to imitate the operating characteristics of the shared resource by a high-privilege application to change the related state of the shared resource and interfere with the covert data transmission based on the shared resource. The invention dynamically audits the existence of the covert channel attack when the system is running, disrupts the data content transmitted by the covert channel, and prevents the leakage of sensitive data.

Description

technical field [0001] The invention belongs to the technical field of computer system security, and more specifically relates to an Android-based covert channel attack auditing and detection method. Background technique [0002] With the popularization and improvement of functions of smart phones, more and more sensitive data information, such as account information and contact information, are stored inside the smart phone. In the face of frequent sensitive data theft methods targeting smartphones, the security of these data is becoming more and more important, requiring continuous research on targeted countermeasures. [0003] Among all kinds of privacy data theft methods, covert channel attacks are extremely concealed. Through the collusion of high-privilege and low-privilege applications, with the help of the observable and changeable state of system shared resources, it bypasses the permission-based security mechanism of the operating system, so that applications that...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56
Inventor 金海羌卫中辛诗帆邹德清
Owner HUAZHONG UNIV OF SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap