A Static Analysis Model for Implicit Information Leakage in Android Application

被引:0
|
作者
Cao, Hongsheng [1 ]
Jiao, Jian [1 ]
Li, Denghui [2 ]
机构
[1] Beijing Informat Sci & Technol Univ, Sch Comp Sci, Beijing Key Lab Internet Culture & Digital Dissem, Beijing, Peoples R China
[2] Giant Interact Grp Inc, Shanghai, Peoples R China
来源
2018 IEEE 18TH INTERNATIONAL CONFERENCE ON COMMUNICATION TECHNOLOGY (ICCT) | 2018年
关键词
Android application; implicit information flow; structure-related flow model; information leak; mobile security;
D O I
暂无
中图分类号
TM [电工技术]; TN [电子技术、通信技术];
学科分类号
0808 ; 0809 ;
摘要
The privacy information leakage can be divided into explicit and implicit information leakage. The detection of IIF (implicit information flow) is an important task in Android Security research. The IIF mechanisms are significantly different from traditional information leakage, because implicit information leakage adopted program structural changes in the way information is leaked. We find the correlation between basic blocks, control structures and expressions of the three different levels objects, proposal SRFM (Structure-Related Flow Model) to describe the relationship between the implicit flow and the control structure. A prototype system TSDroid (Structure-Related Flow Droid) is developed. The experiment shows that TSDroid can detect the implicit information leakage with more efficiency and higher precision than other traditional methods.
引用
收藏
页码:1133 / 1140
页数:8
相关论文
共 50 条
  • [21] Detecting and classifying android malware using static analysis along with creator information
    Graduate School of Information Security, Korea University, Seoul
    136-713, Korea, Republic of
    不详
    VA
    20190, United States
    [J]. Int. J. Distrib. Sens. Netw,
  • [22] LibDroid: Summarizing information flow of android native libraries via static analysis
    Shi, Chen
    Cheng, Chris Chao-Chun
    Guan, Yong
    [J]. FORENSIC SCIENCE INTERNATIONAL-DIGITAL INVESTIGATION, 2022, 42
  • [23] Detecting and Classifying Android Malware Using Static Analysis along with Creator Information
    Kang, Hyunjae
    Jang, Jae-wook
    Mohaisen, Aziz
    Kim, Huy Kang
    [J]. INTERNATIONAL JOURNAL OF DISTRIBUTED SENSOR NETWORKS, 2015,
  • [24] LibDroid: Summarizing information flow of android native libraries via static analysis
    Shi, Chen
    Cheng, Chris Chao-Chun
    Guan, Yong
    [J]. Forensic Science International: Digital Investigation, 2022, 42
  • [25] An Android malware static detection model
    Yang, Hong-Yu
    Xu, Jin
    [J]. Jilin Daxue Xuebao (Gongxueban)/Journal of Jilin University (Engineering and Technology Edition), 2018, 48 (02): : 564 - 570
  • [26] Application of information leakage defendable model in enterprise intranet security
    School of Computer Information and Technology, Beijing Jiaotong University, Beijing 100044, China
    不详
    [J]. Jisuanji Yanjiu yu Fazhan, 2007, 5 (761-767):
  • [27] Android application vulnerabilities static mining technology
    Tang, Junwei
    Liu, Jiazhen
    Li, Ruixuan
    Li, Weiming
    [J]. Huazhong Keji Daxue Xuebao (Ziran Kexue Ban)/Journal of Huazhong University of Science and Technology (Natural Science Edition), 2016, 44 : 20 - 24
  • [28] Static and Dynamic Analysis of Android Malware
    Kapratwar, Ankita
    Di Troia, Fabio
    Stamp, Mark
    [J]. ICISSP: PROCEEDINGS OF THE 3RD INTERNATIONAL CONFERENCE ON INFORMATION SYSTEMS SECURITY AND PRIVACY, 2017, : 653 - 662
  • [29] Static binary analysis of mobile applications for the android platform, according to the requirements of information security
    Aleksandrov Y.A.
    Safin L.K.
    Troshina K.N.
    Chernov A.V.
    [J]. Moscow University Computational Mathematics and Cybernetics, 2016, 40 (3) : 141 - 146
  • [30] Privilege Leakage and Information Stealing through the Android Task Mechanism
    Xiao, Yinhao
    Bai, Guangdong
    Mao, Jian
    Liang, Zhenkai
    Cheng, Wei
    [J]. 2017 1ST IEEE SYMPOSIUM ON PRIVACY-AWARE COMPUTING (PAC), 2017, : 152 - 163
12345