Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Security detection method for android application file

A technology for applying files and detection methods, applied in the field of detection, can solve problems such as affecting the accuracy of analysis, missed and false positives, and difficulty in taint analysis, and achieve the effects of overcoming loss and wrong addition, wide application and simple operation.

Active Publication Date: 2016-05-04
XIDIAN UNIV
View PDF3 Cites 28 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Due to the characteristics of multiple entry points and callback functions in Android applications, it is difficult to perform taint analysis on Android application files, and false negatives and false positives often occur during the taint analysis process, which affects the accuracy of the analysis.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security detection method for android application file
  • Security detection method for android application file
  • Security detection method for android application file

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0033] refer to figure 1 , the implementation steps of the present invention are as follows:

[0034] Step 1, convert the Dalvik bytecode file in the Android application file to generate Jimple language.

[0035] At present, there are two main ways to convert the Dalvik bytecode file in the Android application file to generate the Jimple language: one is to convert the Dalvik bytecode into Java bytecode first, and then convert the Java bytecode into Jimple language. But this method is easy to cause the loss of information; Another kind of method is that Dalvik bytecode is directly transformed into Jimple, and the unique tool that supports this conversion at present is Dexpler tool, and the present invention utilizes Dexpler tool to finish to Dalvik bytecode exactly file conversion.

[0036] Step 2. Extract and label the source and output from the Android system file.

[0037] The current method of extracting and marking the source and output from the Android system file is ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a security detection method for an android application file, and mainly solves the problem of privacy leakage vulnerability detection capability shortage of an existing android application file. The method is implemented by the steps of 1, converting a Dalvik byte code file in the android application file into a Jimple language; 2, extracting input and output functions related to sensitive data by classification from an android system file, classifying the input and output functions, and marking a source and an output; 3, generating a virtual Main function in the Jimple language and generating an interprocedural control flow diagram according to the function; 4, establishing a taint spread rule; 5, generating a taint access path according to the interprocedural control flow diagram; and 6, according to the marked source and output, executing the taint spread rule in the taint access path to find out a data leakage path. According to the method, the missing and false reporting of privacy leakage vulnerabilities is reduced and the security protection performance is improved, so that the method can be used for detecting the android application file.

Description

technical field [0001] The invention relates to the field of computer security, and further relates to a detection method, which can be used for security detection of application programs on the Android platform, and avoids leakage of private data existing in the application programs. Background technique [0002] The Android system is the current mainstream mobile phone operating system. The Android system is based on the Linux operating system, with the Linux2.6 kernel as the underlying architecture. Android system includes Android kernel, Android system library, Android application framework layer and application layer. Among them, the Android kernel system, as the abstract layer of software and hardware, encapsulates memory management, process management, network protocol stack and driver model, and provides services for upper-layer applications through underlying driver modules such as display drivers, USB drivers, camera drivers, and Bluetooth drivers. . The main fun...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/62
CPCG06F21/6281
Inventor 张邦元杨超孙聪马建峰王旭纪倩金方圆张鹏
Owner XIDIAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com