Application multidimensional privacy leak detection method and system for iOS platform

An application privacy leakage detection technology, applied in the field of mobile terminal privacy leakage detection. It addresses problems such as failure to achieve a 100% decryption success rate, chargebacks, and iCloud account password leakage, and aims to improve scientific rigor, increase the detection rate, and make up for the limited effect

Inactive Publication Date: 2017-06-13
SOUTHEAST UNIV +1

AI Technical Summary

Problems solved by technology

Smartphones are convenient and fast, but they also bring huge privacy and security issues. Malicious fee deductions, information theft, deception and fraud caused by application privacy leaks cause huge trouble and losses to users.

[0005] Although the iOS operating system has always been known for its security, it still has various security issues. One of the most serious user data leakage incidents in Apple's history occurred in June 2015, when the passwords of 220,000 iCloud accounts were leaked. In September of the same year, hackers used a tampered copy of the development tool Xcode to inject Trojan horse code into more than 300 popular apps, resulting in the leakage of mobile phone configuration information of hundreds of millions of users.

[0006] In the face of frequent application security issues, Apple has deployed strategies for reviewing application security, but its review mechanism has not been made public. Although there is only one application store, the App Store, many applications available there still leak user privacy. This shows that the application security review mechanism cannot guarantee user privacy 100%.

Based on this fact, there are many mobile application security management products and application detection tools on the market, but most existing tools target the Android platform and very few target iOS. Existing research results basically use a single static or dynamic detection method, which cannot avoid the inherent defects of that method.

Common problems of static analysis:
1. An application that has been obfuscated and encrypted cannot be analyzed statically as-is. It must be decrypted first, and the decryption success rate cannot reach 100%.
2. iOS applications are difficult to decompile, and Objective-C language-level source code cannot be recovered. The decompiled output is a combination of ARM assembly language and some pseudocode.

Common problems of dynamic analysis:
1. Dynamic analysis needs to run the application on a real device or an emulator and exercise every function button. Detection is relatively slow and prone to incomplete coverage.
2. Dynamic analysis is based on modifying operating system functions to monitor the application at run time. It therefore requires a deep understanding of the operating system, and the monitoring function is relatively difficult to implement.

Embodiment Construction

[0036] The present invention will be further described below in conjunction with the accompanying drawings.

[0037] As shown in Figure 1, an application multi-dimensional privacy leakage detection method for the iOS platform detects privacy leakage in iOS applications from three dimensions: static analysis, dynamic analysis and data analysis, wherein:

[0038] Static analysis includes the steps of application decryption, app storage path location, disassembly and sensitive API analysis of disassembly source code;

[0039] Dynamic analysis includes hooking sensitive API functions, obtaining log records by running applications, and obtaining sensitive API call sequences through log analysis;

[0040] Data analysis includes the steps of grabbing application network data packets and analyzing data packet protocols, addresses, and contents.

[0041] Static analysis of iOS applications is mainly based on sensitive API call sequence analysis of disassembly files. The specific...
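The log-analysis step of the dynamic dimension in [0039], sketched as an added example (not code from the patent). The log format, the bundle identifiers, the source/sink classification and the 10-second window are all assumptions made for illustration; the log lines are constructed.

```python
import re
from collections import defaultdict

# Assumed classification of hooked APIs (real iOS symbols, chosen for illustration).
SOURCES = {
    "ABAddressBookCopyArrayOfAllPeople": "contacts",
    "-[CLLocationManager startUpdatingLocation]": "location",
    "-[ASIdentifierManager advertisingIdentifier]": "device-id",
}
SINKS = {"-[NSURLSession dataTaskWithRequest:completionHandler:]", "send"}
# Constructed hook-log record format: "<epoch-seconds> <bundle-id> <api>"
LINE_RE = re.compile(r"^(\d+(?:\.\d+)?)\s+(\S+)\s+(.+?)\s*$")

SAMPLE_LOG = """\
1000.0 com.example.notes -[UIViewController viewDidLoad]
1000.4 com.example.notes ABAddressBookCopyArrayOfAllPeople
1001.1 com.example.notes -[NSURLSession dataTaskWithRequest:completionHandler:]
1002.0 com.example.maps -[CLLocationManager startUpdatingLocation]
1050.0 com.example.maps send
garbage line
1060.0 com.example.game -[NSURLSession dataTaskWithRequest:completionHandler:]
1061.0 com.example.game -[ASIdentifierManager advertisingIdentifier]
"""

def call_sequences(log_text):
    """Per-app, time-ordered list of (time, api) for sensitive APIs only."""
    seqs = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed records instead of failing the run
        ts, app, api = float(m.group(1)), m.group(2), m.group(3)
        if api in SOURCES or api in SINKS:
            seqs[app].append((ts, api))
    return {app: sorted(calls) for app, calls in seqs.items()}

def leak_candidates(seqs, window=10.0):
    """Flag the first sink call that follows a source call within `window` seconds."""
    findings = []
    for app, calls in seqs.items():
        for i, (t_src, src) in enumerate(calls):
            if src not in SOURCES:
                continue
            for t_sink, sink in calls[i + 1:]:
                if sink in SINKS and t_sink - t_src <= window:
                    findings.append((app, SOURCES[src], sink))
                    break
    return findings

print(leak_candidates(call_sequences(SAMPLE_LOG)))
```

A source-then-sink ordering is only a candidate: confirming that the data actually left the device is what the packet-level data analysis in [0040] is for.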


Abstract

The invention discloses an application multidimensional privacy leak detection method and system for the iOS platform. Privacy leak detection is provided for iOS applications from three dimensions: static analysis, dynamic analysis and data analysis. The static analysis includes the steps of application decryption, app storage path location, disassembly, and sensitive API (application program interface) analysis of the disassembled source code. The dynamic analysis includes the steps of hooking sensitive API functions, acquiring a log record by running the application, and acquiring the sensitive API call sequence through log analysis. The data analysis includes the steps of capturing application network data packets and analyzing the packet protocol, address and content. The method and system of the invention can provide comprehensive detection of data privacy leaks in iOS applications to obtain complete privacy leak event data.

Description

Technical field

[0001] The invention relates to the field of information system security detection, in particular to the detection of mobile terminal privacy leakage.

Background technique

[0002] With the improvement of the national economy and the rapid development of Internet technology, China's traditional PC Internet has become increasingly saturated, while the mobile Internet has developed rapidly. Mobile smart terminals are gradually becoming the most important tool for people to access the Internet. On January 22, 2016, the China Internet Network Information Center (CNNIC) released the 37th "Statistical Report on Internet Development in China": as of December 2015, the number of mobile Internet users in China reached 620 million. Compared with the end of 2014, the number of Internet users increased by 63.03 million, and the proportion of Internet users who use mobile phones to access the Internet increased to 90.1%. Mobile phones are still the primary device...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/56
CPC: G06F21/563, G06F21/566, G06F2221/033
Inventor: 李涛, 胡爱群, 邢月秀, 王永剑, 宋铮
Owner: SOUTHEAST UNIV