摘要
根据目前第三方Android应用市场应用存在的重新打包行为,随机选取国内官方的150个应用以及作为对比的第三方应用市场的572个同款应用,设计了Android重新打包应用安全检测系统。该系统先进行相似性计算,细粒度识别出重新打包应用,再通过逆向工程获得其资源文件,根据系统API与权限之间的映射匹配分析其越权行为,并根据构建的方法控制流图分析其权限滥用行为。系统通过并行化处理检测出第三方应用市场存在33.17%的重新打包应用,其中19.58%修改了权限。在修改过权限的应用中,45.95%存在越权行为,27.03%存在滥用权限行为。
At present, repackaged apps exist in third-party Android application markets. In this paper, 150 official apps are selected randomly and 572 third-party markets apps are used as contrast. Android repackaged apps security detection system was designed. First, we fine-grained identified repackaged apps by calculating their similarity, then gained resource files through reverse engineering, analyzed overprivileged behaviors according to the mappings marcher between system API and permission, and analyzed permission abused behaviors according to constructed methods CFG. By parallel processing, the system detects that there are 33. 17% repackaged apps in third-party markets, 19. 58% permissions are modified, and modified permission apps include 45. 95% overprivileged behaviors and 27. 03% permission abused behaviors.
出处
《计算机科学》
CSCD
北大核心
2015年第12期143-147,共5页
Computer Science
基金
国家自然科学基金(61272460)
国家教育部博士点基金项目(20120201110010)资助
