A Static Analysis Model for Implicit Information Leakage in Android Application

被引:0
|
作者
Cao, Hongsheng [1 ]
Jiao, Jian [1 ]
Li, Denghui [2 ]
机构
[1] Beijing Informat Sci & Technol Univ, Sch Comp Sci, Beijing Key Lab Internet Culture & Digital Dissem, Beijing, Peoples R China
[2] Giant Interact Grp Inc, Shanghai, Peoples R China
来源
2018 IEEE 18TH INTERNATIONAL CONFERENCE ON COMMUNICATION TECHNOLOGY (ICCT) | 2018年
关键词
Android application; implicit information flow; structure-related flow model; information leak; mobile security;
D O I
暂无
中图分类号
TM [电工技术]; TN [电子技术、通信技术];
学科分类号
0808 ; 0809 ;
摘要
The privacy information leakage can be divided into explicit and implicit information leakage. The detection of IIF (implicit information flow) is an important task in Android Security research. The IIF mechanisms are significantly different from traditional information leakage, because implicit information leakage adopted program structural changes in the way information is leaked. We find the correlation between basic blocks, control structures and expressions of the three different levels objects, proposal SRFM (Structure-Related Flow Model) to describe the relationship between the implicit flow and the control structure. A prototype system TSDroid (Structure-Related Flow Droid) is developed. The experiment shows that TSDroid can detect the implicit information leakage with more efficiency and higher precision than other traditional methods.
引用
收藏
页码:1133 / 1140
页数:8
相关论文
共 50 条
  • [1] LeakMiner: Detect information leakage on Android with static taint analysis
    Yang, ZheMin
    Yang, Min
    PROCEEDINGS OF THE 2012 THIRD WORLD CONGRESS ON SOFTWARE ENGINEERING (WCSE 2012), 2012, : 101 - 104
  • [2] Prevention of Data Leakage due to Implicit Information Flows in Android Applications
    Inayoshi, Hiroki
    Kakei, Shohei
    Takimoto, Eiji
    Mouri, Koichi
    Saito, Shoichi
    2019 14TH ASIA JOINT CONFERENCE ON INFORMATION SECURITY (ASIAJCIS 2019), 2019, : 103 - 110
  • [3] Practical Static Analysis of Detecting Intent-based Permission Leakage in Android Application
    Wu, Songyang
    Zhang, Yong
    Jin, Bo
    Cao, Wei
    2017 17TH IEEE INTERNATIONAL CONFERENCE ON COMMUNICATION TECHNOLOGY (ICCT 2017), 2017, : 1953 - 1957
  • [4] Android application behavioural analysis for data leakage
    Shrivastava, Gulshan
    Kumar, Prabhat
    EXPERT SYSTEMS, 2021, 38 (01)
  • [5] Detect Sensitive Data Leakage via Inter-application on Android by Using Static Analysis and Dynamic Analysis
    Nguyen Tan Cam
    Van-Hau Pham
    Tuan Nguyen
    INFORMATION SCIENCE AND APPLICATIONS 2017, ICISA 2017, 2017, 424 : 298 - 305
  • [6] SAILS: Static analysis of information leakage with sample
    Zanioli, Matteo
    Ferrara, Pietro
    Cortesi, Agostino
    Proceedings of the ACM Symposium on Applied Computing, 2012, : 1308 - 1313
  • [7] An Analysis Framework for Information Loss and Privacy Leakage on Android Applications
    Yeh, Kuo-Hui
    Lo, Nai-Wei
    Fan, Chuan-Yen
    2014 IEEE 3RD GLOBAL CONFERENCE ON CONSUMER ELECTRONICS (GCCE), 2014, : 216 - 218
  • [8] Enhancing the accuracy of static analysis for detecting sensitive data leakage in Android by using dynamic analysis
    Ly Hoang Tuan
    Nguyen Tan Cam
    Van-Hau Pham
    Cluster Computing, 2019, 22 : 1079 - 1085
  • [9] Enhancing the accuracy of static analysis for detecting sensitive data leakage in Android by using dynamic analysis
    Ly Hoang Tuan
    Nguyen Tan Cam
    Van-Hau Pham
    CLUSTER COMPUTING-THE JOURNAL OF NETWORKS SOFTWARE TOOLS AND APPLICATIONS, 2019, 22 (Suppl 1): : 1079 - 1085
  • [10] Static Analysis of Implicit Control Flow: Resolving Java']Java Reflection and Android Intents
    Barros, Paulo
    Just, Rene
    Millstein, Suzanne
    Vines, Paul
    Dietl, Werner
    d'Amorim, Marcelo
    Ernst, Michael D.
    2015 30TH IEEE/ACM INTERNATIONAL CONFERENCE ON AUTOMATED SOFTWARE ENGINEERING (ASE), 2015, : 669 - 679
12345