Implicit channel detection method between Android applications based on semantic graph of intent communication behavior

A detection method and inter-application technology, applied in the field of mobile platform information security, can solve single and other problems, and achieve the effects of increasing training samples, strong practicability, and small feature dimensions

Active Publication Date: 2022-06-24
NANJING UNIV OF SCI & TECH
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Collusion stealing applications implement complex and diverse means, but their salient feature is that there is a covert channel between them, which is realized by reading and writing jointly accessible resources or Intent mechanisms
At present, most of the stealth detection mechanisms of security protection tools on the Android platform are aimed at a single application.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Implicit channel detection method between Android applications based on semantic graph of intent communication behavior
  • Implicit channel detection method between Android applications based on semantic graph of intent communication behavior
  • Implicit channel detection method between Android applications based on semantic graph of intent communication behavior

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0014] combine figure 1 , the present invention is based on the Android inter-application hidden channel detection method of Intent communication behavior semantic map, comprising the following steps:

[0015] Step 1. Screening suspicious candidate applications: Screening suspicious candidate application sets from the target Android platform according to the read and write permissions of sensitive information, network communication permissions and whether there is historical Intent communication;

[0016] Step 2. Build a candidate application-Intent function call weight map: obtain Intent communication events by monitoring Intent-related functions to build a candidate application-Intent function call weight map;

[0017] Step 3, establishing a sending application-receiving application association graph: performing relationship matching between the sending broadcast message calling behavior and the receiving broadcast message calling behavior, and establishing a sending applica...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a hidden channel detection method between Android applications based on the Intent communication behavior semantic graph, which includes the following content: screening suspicious candidate application sets from the target Android platform; obtaining Intent communication events by monitoring Intent related functions to establish candidate applications- Intent function call weight graph; perform relationship matching between sending broadcast message calling behavior and receiving broadcast message calling behavior, and establish sending application-receiving application association graph; decompose sending application-receiving application association graph into multiple Intent communication pairs, and extract Intent communication The semantic description vector of the behavior of the pair, and extract the sensitive permission flag vector of the two applications in the communication pair, combine the two vectors to form the collusion application feature vector, and perform supervised learning on the vector to realize the detection of hidden channels between applications. The invention uses communication features to describe the collusion stealing behavior of a pair of Android application programs, has good applicability, and is suitable for detecting Android collusion stealing applications under the situation of large differences in operating environments and insufficient training samples.

Description

technical field [0001] The invention belongs to the field of mobile platform information security, in particular to a hidden channel detection method between Android applications based on an Intent communication behavior semantic map. Background technique [0002] At present, the theft detection mechanism of various security protection tools on the Android platform is mainly aimed at a single application, especially for applications that have both sensitive information read and network connection permissions, and it is also the key target of various security protection tools. In order to achieve stronger concealment, some stealing behaviors have begun to use multiple software conspiracy methods to achieve collusion stealing. The functions of information acquisition and network transmission are decomposed into multiple applications, which makes the existing secret theft detection mechanism for a single application invalid. The corresponding price is that the implantation diff...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04W12/37H04W12/122H04W12/06H04W12/68
CPCH04W12/06H04W12/35H04W12/128
Inventor 刘伟伟陆明刘员都刘光杰吉小鹏
Owner NANJING UNIV OF SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products