Privacy leaking detecting method and system for android application network communication

A network-applied and leak-detection technology, applied in network data retrieval, network data indexing, special data processing applications, etc., can solve problems such as ineffective detection and reinforcement applications, and achieve the effects of flexible use methods, high accuracy and efficiency

Active Publication Date: 2017-09-05
HUAZHONG UNIV OF SCI & TECH
View PDF4 Cites 42 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

But from an implementation point of view, existing solutions rely on modifying the Android system or Android application structure; dynamic analysis relies on static decompilation technical guidance; cannot effectively detect hardened applications
Therefore, from the perspective of implementation and versatility, the existing solutions need to be improved

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Privacy leaking detecting method and system for android application network communication
  • Privacy leaking detecting method and system for android application network communication
  • Privacy leaking detecting method and system for android application network communication

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0056] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention. In addition, the technical features involved in the various embodiments of the present invention described below can be combined with each other as long as they do not constitute a conflict with each other.

[0057] Below at first explain and illustrate with regard to the technical terms involved in the present invention:

[0058] Android: The mobile operating system based on the Linux kernel developed by Google has a relatively high market share in the mobile operating system market due to its openness.

[0059] Android application: An application program running on the Android system, mainly devel...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a privacy leaking detecting method and system for android application network communication. The method comprises the following steps: crawling android application to be detected, and building an application set to be detected; building a main-in-the-middle attack server; initializing each tester environment; arranging a multi-tester distributive running scheduling system; analyzing APK files of the application to be detected; installing the application program corresponding to the APK file, and driving the application program to run; analyzing a log file created by the Burp Suite, and acquiring the application set with SSL man-in-the-middle attack; analyzing a network data pack file created in the running process of the collected application program; recognizing the privacy leaking type of the network data pack file according to the application set with the SSL man-in-the-middle attack. The method is flexible to use, and automatic in the whole process; the android system and the android application program structure are not modified; the privacy leaking behavior of the android application in the network communication process can be safely and accurately detected.

Description

technical field [0001] The invention belongs to the technical field of mobile security and interface automation testing, and more specifically relates to a privacy leakage detection method and system in Android application network communication. Background technique [0002] Android mobile devices carry more and more private data of users, and unsafe network communication will lead to leakage of user privacy. According to statistics, about 67% of the Android application network communication process uses the HTTP protocol, and about 20% uses the HTTPS protocol. Due to the clear text transmission of the HTTP protocol, once the HTTP network request contains the user's private data (such as address book, short message, calendar and photo, etc.), there will be a privacy leak. At the same time, incorrect use of the SSL protocol will also cause users to face the risks of man-in-the-middle attacks and privacy leaks. [0003] At present, the following methods are mainly used to so...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06F21/57G06F21/52G06F17/30
CPCG06F16/951G06F16/9566G06F21/52G06F21/567G06F21/577
Inventor 李瑞轩李晶晶辜希武李玉华章衡韩洪木汤俊伟李水祥
Owner HUAZHONG UNIV OF SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap