An Android privacy disclosure behavior detection method and technology based on information flow

A detection technology and privacy leakage technology, applied in the field of mobile security privacy leakage behavior detection technology and system, can solve the problems of dynamic analysis limitation, program interruption, etc., and achieve the effects of expanding the scope, improving the detection rate, and high code coverage

Inactive Publication Date: 2019-01-04
SICHUAN UNIV
View PDF4 Cites 28 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the existing dynamic analysis technology needs to build a good simulation event, which is prone to program interruption. The

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • An Android privacy disclosure behavior detection method and technology based on information flow
  • An Android privacy disclosure behavior detection method and technology based on information flow
  • An Android privacy disclosure behavior detection method and technology based on information flow

Examples

Experimental program
Comparison scheme
Effect test

Example Embodiment

[0026] The present invention will be further explained below with reference to the drawings and examples.

[0027] Such as figure 1 As shown, an Android privacy information leakage behavior identification method based on information flow analysis has the following steps.

[0028] The control flow graph building module is based on source code analysis and Jimple intermediate representation. The source code contains method call parameters for component communication, corresponding permissions and intent attributes, and intent information is used to match the called component and the spread of privacy information, in order to match the calling component and the called component. The calling component uses the intent information to match the filtering rules of the component. The calling component needs the corresponding permission to access the called component. In order to detect whether there is privacy information leakage behavior in the component communication, the present invention...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an Android privacy disclosure behavior detection method and a system based on information flow. The method comprises the following steps: 1) extracting components, permissionsand intention filter information from resource files and Dex files to generate a control flow diagram between processes; 2) analyzing the callback sequence of the application program, constructing theCCFG (Callback Function Control Flow Graph), and checking the potential privacy leakage path by using the static stain tracking analysis ICFG and CCFG; 3) extracting context and attribute values of cross-component communication through HOOK key API in customized sandbox, and optimizing privacy information flow constructed by static analysis; 4) the run program tracking and analyzing the dynamic stain, obtaining the path of the flow direction of the privacy information, and simultaneously extracting the context of the path; 5) according to the privacy leakage paths generated by monitoring logsand stain tracking analysis, the redundancy being removed or new privacy leakage paths being added in combination with context information; 6) the general information entropy method and visual clustering method being used to quantitatively analyze the privacy information leakage.

Description

technical field [0001] The invention relates to an Android privacy information leakage behavior detection method and technology based on information flow analysis, belonging to a mobile security privacy leakage behavior detection technology and system. Background technique [0002] Due to the rise of wireless networks and mobile applications, the replacement rate of mobile devices has accelerated, and the number of applications with specific functions has increased dramatically. In the mobile ecosystem, there are corresponding applications for almost everything that users need. Due to the low market threshold, it attracts a large number of developers and even hackers with ulterior motives. The Android system completes data sharing between processes through Binder, and at the same time uses the permission pop-up box to display the permissions requested by the application to the user. Due to the open source characteristics of the Android system and the emergence of more and mo...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/56
CPCG06F21/562G06F21/566G06F2221/033
Inventor 方勇张磊刘亮陈泽峰
Owner SICHUAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap