發(fā)布時間：2019-01-05 11:27

【摘要】：近年來,Android智能手機發(fā)展十分迅速,但是Android系統(tǒng)的開源性以及應用商城對新發(fā)布軟件檢查力度的薄弱,導致Android平臺上的惡意軟件日漸增長,單純依靠病毒分析人員手工處理已經(jīng)無法滿足海量樣本的要求。在常見的敏感行為中,用戶敏感數(shù)據(jù)泄露尤為突出,輕則造成移動設備編號的泄露,重則造成賬號密碼的泄露。因此,論文從APK功能分類和檢測量化兩個方向?qū)o態(tài)檢測進行研究,并將研究結(jié)果應用于APK文件靜態(tài)檢測系統(tǒng)的設計和實現(xiàn)。論文總結(jié)靜態(tài)分析的特點,結(jié)合靜態(tài)污點傳播技術(shù),將APK文件按照實際運行功能進行分類,并根據(jù)分類配置分析過程中所需要的SOURCE和SINK文件,使靜態(tài)分析更具有針對性,減少內(nèi)存和時間消耗。其次,設計了敏感值計算模型。在分類的基礎上,統(tǒng)計各個功能分類中待檢測敏感調(diào)用的使用頻率,并以此為數(shù)據(jù)基礎計算敏感調(diào)用的敏感值、敏感路徑的敏感值以及APK文件整體的敏感值。最后,在以上兩點理論的基礎上,論文實現(xiàn)了一個完整的檢測系統(tǒng)。為了更有效的提煉出已經(jīng)檢測到的隱私泄露問題,論文設計出一套能夠快速定位所被檢測APK文件特性的報表。通過報表,用戶能夠直觀的看到關于檢測到的敏感路徑的描述,以及對文件敏感性的數(shù)值估計。系統(tǒng)測試和分析表明該靜態(tài)檢測系統(tǒng)提高了檢測準確率并降低了檢測時間。
[Abstract]:In recent years, Android smartphones have developed very rapidly, but the open source of Android system and the weak check of newly released software by application mall have led to the increasing malware on Android platform. Simply relying on virus analysts manual processing has been unable to meet the requirements of a large number of samples. In the common sensitive behavior, the sensitive data leakage of the user is especially prominent, which causes the leakage of the mobile device number and the password of the account. Therefore, this paper studies static detection from two aspects of APK function classification and quantification, and applies the research results to the design and implementation of APK file static detection system. This paper summarizes the characteristics of static analysis, combines the static stain propagation technology, classifies the APK files according to the actual running function, and according to the SOURCE and SINK files needed in the process of classification and configuration analysis, makes the static analysis more targeted. Reduce memory and time consumption. Secondly, the sensitive value calculation model is designed. On the basis of the classification, the frequency of the sensitive calls to be detected in each functional classification is counted, and the sensitive values of the sensitive calls, the sensitive paths and the whole sensitive values of the APK files are calculated on the basis of the data. Finally, on the basis of the above two theories, a complete detection system is implemented. In order to extract the detected privacy disclosure problem more effectively, this paper designs a set of report forms which can locate the detected APK file characteristics quickly. Through the report, the user can visualize the description of the detected sensitive path and the numerical estimation of the sensitivity of the file. The system test and analysis show that the static detection system improves the detection accuracy and reduces the detection time.
【學位授予單位】：北京郵電大學
【學位級別】：碩士
【學位授予年份】：2016
【分類號】：TP309;TP316

【參考文獻】

相關期刊論文 前2條

1 秦中元;徐毓青;梁彪;張群芳;黃杰;;一種Android平臺惡意軟件靜態(tài)檢測方法[J];東南大學學報(自然科學版);2013年06期

2 彭智俊;張源;楊珉;;用靜態(tài)信息流分析檢測Android應用中的日志隱患[J];小型微型計算機系統(tǒng);2013年06期

相關碩士學位論文 前1條

1 王舒;基于逆向工程的Android惡意代碼的研究實現(xiàn)與預防[D];電子科技大學;2013年

，

本文編號：2401725