Method for performing automated security detection on android application

An automatic detection and security detection technology, applied in the field of information security, can solve the problems of inability to complete the detection of packaged applications, inability to apply security test analysis in a large number, and limited use methods, and achieve efficient and rapid security analysis, improve efficiency, The effect of solving security risks

Inactive Publication Date: 2017-02-22
ZHONGKE INFORMATION SECURITY COMMON TECH NAT ENG RES CENT CO LTD
View PDF7 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0002] Existing code review technology needs to be configured in the development environment or reviewed through a manual interface. It implements static analysis based on source code, and its usage is limited.
[0003] In addition, the existing security testing tools cannot complete the detection of packed applications, and can only conduct manual analysis through the interactive interface, and the manual analysis method cannot realize automated security testing and analysis for mass applications.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0026] In the following detailed description, numerous details are set forth in order to provide a complete understanding of the present invention, but those skilled in the art will understand that the present invention may be practiced without these specific details. In the embodiments thereof, well-known methods, procedures, and components have not been described in detail so as not to unnecessarily obscure the embodiments.

[0027] A method for automatic security detection of android applications according to the present invention includes two parts: an environment for automatic security detection of android applications and an automatic detection of android applications;

[0028] The environment construction of the android application automatic security detection includes the following steps:

[0029] Step 1: Establish a vulnerability rule base for common android security vulnerabilities;

[0030] The vulnerability rule base includes common security vulnerabilities and cu...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for performing automated security detection on an android application. The method comprises the steps of performing dex file interception on the android application through a specific android system; and then performing security detection on a source code of the android application based on a vulnerability rule base by utilizing specific findbugs. The technical scheme has the beneficial effects that code audit and vulnerability mining are fused integrally by the method, and a shelled application can be subjected to security detection; when the Android application is detected, the application does not need to be subjected to decompilation, debugging, code audit and penetration testing manually, and by utilizing the technical scheme, efficient and quick security analysis can be realized; automated security testing of massive applications can be realized; and developers are assisted to locate vulnerability key code snippets, the developers are facilitated to solve potential security hazards, and the security reinforcement efficiency of the developers is improved.

Description

technical field [0001] The invention relates to the field of information security, in particular to a method for automatic security detection of android applications. Background technique [0002] Existing code review technology needs to be configured in the development environment or reviewed through a manual interface. It implements static analysis based on source code, and its usage is limited. [0003] In addition, the existing security testing tools cannot complete the packaged application detection, and can only conduct manual analysis through the interactive interface, and the manual analysis method cannot realize automated security testing and analysis for mass applications. Contents of the invention [0004] Aiming at the deficiencies of the prior art, the present invention proposes an automatic method for Android application security detection. The method integrates code review and loophole mining, so that the security detection efficiency is higher and the appli...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/57
CPCG06F21/577
Inventor 龚成博高振鹏
Owner ZHONGKE INFORMATION SECURITY COMMON TECH NAT ENG RES CENT CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap