Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method for detecting privacy leakage on basis of context information

A privacy leakage and detection method technology, applied in the direction of instrument, platform integrity maintenance, digital data protection, etc., can solve the problems of repackaging failure, increased system overhead, difficulty of development, and large software impact, etc., to achieve small modification, Ease of Deployment, Efforts to Mitigate Challenges

Inactive Publication Date: 2018-07-27
NANJING UNIV OF AERONAUTICS & ASTRONAUTICS
View PDF1 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] 2) The source code of the Android system needs to be modified in the way of dynamic monitoring, which increases the difficulty of development while sacrificing a small amount of system overhead
Due to the serious fragmentation of the Android market, different Android version systems need to be customized and modified accordingly, making this method difficult to promote
[0008] 3) Using the method of repackaging and inserting monitoring code will modify the content of APK, which has a great impact on the software itself, and some software uses reinforcement methods to make repackaging fail, and sometimes even the repackaged software cannot run Happening

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for detecting privacy leakage on basis of context information
  • Method for detecting privacy leakage on basis of context information
  • Method for detecting privacy leakage on basis of context information

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0049] The privacy leakage detection method based on context information includes the following contents:

[0050] 1. Acquisition of software taint propagation path

[0051] Configure the source and anchor functions, and then obtain the taint propagation path through the FlowDroid static taint analysis platform.

[0052] 2. Acquisition of software function call graph

[0053] Decompile the software installation package to generate Java code, and then use the Soot framework to obtain its function call graph from the decompiled Java code.

[0054] 3. Construction of Android permission and API mapping relationship

[0055] The mapping relationship between permissions and APIs reflects the relevant permissions required for an API call. In order to cover a larger area of ​​API functions, we use the data provided in the PScout project.

[0056] 4. Collection of system and UI event information

[0057] The information we collect includes system events commonly u...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for detecting privacy leakage on Android platforms on the basis of context information. The method comprises the following steps of: 1, carrying out static taint analysis on software to obtain a taint propagation path; 2, carrying out static function analysis on the software to obtain a software function calling map; 3, constructing a mapping relationship between Android authorities and APIs, and collecting a system and UI event information at the same time; 4, integrating data collected in the steps 1, 2 and 3, and constructing privacy-related API function context information; 5, intercepting privacy-related API functions used in the software, and constructing dynamic execution context information; 6, carrying out privacy leakage detection on the collecteddynamic execution context information and the privacy-related API function context information constructed in static analysis; and 7, if a similarity in the privacy leakage detection in the step 6 isgreater than or equal to a set threshold value Q, judging that a privacy leakage risk exists. The method is capable of achieving the aims of automatically detecting privacy detection and protecting privacy data, and has relatively low extra resource consumption.

Description

technical field [0001] The invention belongs to the field of information security and privacy leakage detection and protection, and in particular relates to a privacy leakage detection method based on context information. Background technique [0002] The Android operating system has surpassed Windows to become the operating system with the largest market share in the world. While the Android market continues to flourish, the third-party software market provides APPs with rich functions. At the same time, a large amount of high-value private data is stored in the user's system. Once the private data is leaked, it will bring a heavy mental burden and property loss to the user. [0003] Scholars at home and abroad have conducted a lot of in-depth research on the privacy leakage detection of the Android system. Such research is based on static and dynamic analysis. Static analysis analyzes the APK file and uses methods such as static data flow analysis, information flow, and c...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/56G06F21/62
CPCG06F21/562G06F21/566G06F21/6245G06F2221/2107
Inventor 庄毅蒋理顾晶晶杨帆潘佳烨
Owner NANJING UNIV OF AERONAUTICS & ASTRONAUTICS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com