A Static Analysis Model for Implicit Information Leakage in Android Application

被引：0

作者：

Cao, Hongsheng ^{[1
]}

Jiao, Jian ^{[1
]}

Li, Denghui ^{[2
]}

机构：

[1] Beijing Informat Sci & Technol Univ, Sch Comp Sci, Beijing Key Lab Internet Culture & Digital Dissem, Beijing, Peoples R China

[2] Giant Interact Grp Inc, Shanghai, Peoples R China

来源：

2018 IEEE 18TH INTERNATIONAL CONFERENCE ON COMMUNICATION TECHNOLOGY (ICCT) | 2018年

关键词：

Android application; implicit information flow; structure-related flow model; information leak; mobile security;

D O I：

暂无

中图分类号：

TM [电工技术]; TN [电子技术、通信技术];

学科分类号：

0808 ; 0809 ;

摘要：

The privacy information leakage can be divided into explicit and implicit information leakage. The detection of IIF (implicit information flow) is an important task in Android Security research. The IIF mechanisms are significantly different from traditional information leakage, because implicit information leakage adopted program structural changes in the way information is leaked. We find the correlation between basic blocks, control structures and expressions of the three different levels objects, proposal SRFM (Structure-Related Flow Model) to describe the relationship between the implicit flow and the control structure. A prototype system TSDroid (Structure-Related Flow Droid) is developed. The experiment shows that TSDroid can detect the implicit information leakage with more efficiency and higher precision than other traditional methods.

引用

页码：1133 / 1140

页数：8

共 50 条

[1] LeakMiner: Detect information leakage on Android with static taint analysis
Yang, ZheMin
Yang, Min
[J]. PROCEEDINGS OF THE 2012 THIRD WORLD CONGRESS ON SOFTWARE ENGINEERING (WCSE 2012), 2012, : 101 - 104
[2] Prevention of Data Leakage due to Implicit Information Flows in Android Applications
Inayoshi, Hiroki
Kakei, Shohei
Takimoto, Eiji
Mouri, Koichi
Saito, Shoichi
[J]. 2019 14TH ASIA JOINT CONFERENCE ON INFORMATION SECURITY (ASIAJCIS 2019), 2019, : 103 - 110
[3] Practical Static Analysis of Detecting Intent-based Permission Leakage in Android Application
Wu, Songyang
Zhang, Yong
Jin, Bo
Cao, Wei
[J]. 2017 17TH IEEE INTERNATIONAL CONFERENCE ON COMMUNICATION TECHNOLOGY (ICCT 2017), 2017, : 1953 - 1957
[4] Android application behavioural analysis for data leakage
Shrivastava, Gulshan
Kumar, Prabhat
[J]. EXPERT SYSTEMS, 2021, 38 (01)
[5] Detect Sensitive Data Leakage via Inter-application on Android by Using Static Analysis and Dynamic Analysis
Nguyen Tan Cam
Van-Hau Pham
Tuan Nguyen
[J]. INFORMATION SCIENCE AND APPLICATIONS 2017, ICISA 2017, 2017, 424 : 298 - 305
[6] An Analysis Framework for Information Loss and Privacy Leakage on Android Applications
Yeh, Kuo-Hui
Lo, Nai-Wei
Fan, Chuan-Yen
[J]. 2014 IEEE 3RD GLOBAL CONFERENCE ON CONSUMER ELECTRONICS (GCCE), 2014, : 216 - 218
[7] Enhancing the accuracy of static analysis for detecting sensitive data leakage in Android by using dynamic analysis
Ly Hoang Tuan
Nguyen Tan Cam
Van-Hau Pham
[J]. Cluster Computing, 2019, 22 : 1079 - 1085
[8] Enhancing the accuracy of static analysis for detecting sensitive data leakage in Android by using dynamic analysis
Ly Hoang Tuan
Nguyen Tan Cam
Van-Hau Pham
[J]. CLUSTER COMPUTING-THE JOURNAL OF NETWORKS SOFTWARE TOOLS AND APPLICATIONS, 2019, 22 (Suppl 1): : 1079 - 1085
[9] Static Analysis of Implicit Control Flow: Resolving Java']Java Reflection and Android Intents
Barros, Paulo
Just, Rene
Millstein, Suzanne
Vines, Paul
Dietl, Werner
d'Amorim, Marcelo
Ernst, Michael D.
[J]. 2015 30TH IEEE/ACM INTERNATIONAL CONFERENCE ON AUTOMATED SOFTWARE ENGINEERING (ASE), 2015, : 669 - 679
[10] REDDROID: Android Application Redundancy Customization Based on Static Analysis
Jiang, Yufei
Bao, Qinkun
Wang, Shuai
Liu, Xiao
Wu, Dinghao
[J]. 2018 29TH IEEE INTERNATIONAL SYMPOSIUM ON SOFTWARE RELIABILITY ENGINEERING (ISSRE), 2018, : 189 - 199

← 1 2 3 4 5 →