A Static Analysis Model for Implicit Information Leakage in Android Application

被引：0

作者：

Cao, Hongsheng ^{[1
]}

Jiao, Jian ^{[1
]}

Li, Denghui ^{[2
]}

机构：

[1] Beijing Informat Sci & Technol Univ, Sch Comp Sci, Beijing Key Lab Internet Culture & Digital Dissem, Beijing, Peoples R China

[2] Giant Interact Grp Inc, Shanghai, Peoples R China

来源：

2018 IEEE 18TH INTERNATIONAL CONFERENCE ON COMMUNICATION TECHNOLOGY (ICCT) | 2018年

关键词：

Android application; implicit information flow; structure-related flow model; information leak; mobile security;

D O I：

暂无

中图分类号：

TM [电工技术]; TN [电子技术、通信技术];

学科分类号：

0808 ; 0809 ;

摘要：

The privacy information leakage can be divided into explicit and implicit information leakage. The detection of IIF (implicit information flow) is an important task in Android Security research. The IIF mechanisms are significantly different from traditional information leakage, because implicit information leakage adopted program structural changes in the way information is leaked. We find the correlation between basic blocks, control structures and expressions of the three different levels objects, proposal SRFM (Structure-Related Flow Model) to describe the relationship between the implicit flow and the control structure. A prototype system TSDroid (Structure-Related Flow Droid) is developed. The experiment shows that TSDroid can detect the implicit information leakage with more efficiency and higher precision than other traditional methods.

引用

页码：1133 / 1140

页数：8

共 50 条

[41] Evaluating the Reusability of Android Static Analysis Tools
Mineau, Jean-Marie
Lalande, Jean-Francois
REUSE AND SOFTWARE QUALITY, ICSR 2024, 2024, 14614 : 153 - 170
[42] Static Analysis of Memory Leak in Android Applications
Zhou, Di
Fu, Zhengyu
PROCEEDINGS OF THE 4TH INTERNATIONAL CONFERENCE ON MECHATRONICS, MATERIALS, CHEMISTRY AND COMPUTER ENGINEERING 2015 (ICMMCCE 2015), 2015, 39 : 1023 - 1027
[43] Static Analysis for Android GDPR Compliance Assurance
Khedkar, Mugdha
2023 IEEE/ACM 45TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING: COMPANION PROCEEDINGS, ICSE-COMPANION, 2023, : 197 - 199
[44] An integrated static detection and analysis framework for android
Song, Jun
Han, Chunling
Wang, Kaixin
Zhao, Jian
Ranjan, Rajiv
Wang, Lizhe
PERVASIVE AND MOBILE COMPUTING, 2016, 32 : 15 - 25
[45] Static Analysis of Context Leaks in Android Applications
Toffalini, Flavio
Sun, Jun
Ochoa, Martin
2018 IEEE/ACM 40TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING - SOFTWARE ENGINEERING IN PRACTICE TRACK (ICSE-SEIP 2018), 2018, : 215 - 224
[46] AN APP BASED ON STATIC ANALYSIS FOR ANDROID RANSOMWARE
Kanwal, Meet
Thakur, Sanjeev
2017 IEEE INTERNATIONAL CONFERENCE ON COMPUTING, COMMUNICATION AND AUTOMATION (ICCCA), 2017, : 813 - 818
[47] AN APP BASED ON STATIC ANALYSIS FOR ANDROID RANSOMWARE
Kanwal, Meet
Thakur, Sanjeev
Lashkari, Rishabh
2017 8TH INTERNATIONAL CONFERENCE ON COMPUTING, COMMUNICATION AND NETWORKING TECHNOLOGIES (ICCCNT), 2017,
[48] Hypercollecting Semantics and Its Application to Static Analysis of Information Flow
Assaf, Mounir
Naumann, David A.
Signoles, Julien
Totel, Eric
Tronel, Frederic
ACM SIGPLAN NOTICES, 2017, 52 (01) : 874 - 887
[49] Hypercollecting semantics and its application to static analysis of information flow
Assaf M.
Naumann D.A.
Signoles J.
Totel E.
Tronel F.
1600, Association for Computing Machinery (52): : 874 - 887
[50] Information Leakage Analysis of Complex C Code and Its application to OpenSSL
Malacaria, Pasquale
Tautchning, Michael
DiStefano, Dino
LEVERAGING APPLICATIONS OF FORMAL METHODS, VERIFICATION AND VALIDATION: FOUNDATIONAL TECHNIQUES, PT I, 2016, 9952 : 909 - 925

← 1 2 3 4 5 →