摘要
Android混合应用具有良好的跨平台移植性,但其使用的WebView组件中的HTML和JavaScript代码能够通过内部或外部通道调用数据来访问相关资源,从而产生代码注入攻击漏洞.针对这个问题,提出一种基于机器学习的Android混合应用代码注入攻击漏洞检测方法.首先,通过反编译Android混合应用,将其进行代码分片;然后,提取出与Android混合应用申请的敏感权限和能够触发数据中恶意代码的API,组合起来生成特征向量;最后,构建多种机器学习模型进行训练和分类预测.实验结果表明,随机森林模型的识别准确率较高,能够提高Android混合应用代码注入攻击漏洞检测的准确性.
The Android hybrid application has good cross platform portability,but the HTML and JavaScript code in the Web-View component it uses can call data through internal or external channels to access related resources,resulting in a code injection attack vulnerability.To solve this problem,a machine-learning-based code injection attack vulnerability detection method for Android hybrid applications was proposed.Firstly,decompiled the Android hybrid application and fragmented its code;Then,extracted sensitive permissions and APIs that can trigger malicious code in the data for mixed application applications with Android,and combined them to generate feature vectors;Finally,various machine learning models are constructed for training and classification prediction.From the experimental results,the Random forest model has the highest recognition accuracy,and can improve the accuracy of vulnerability detection for Android hybrid application code injection attacks.
作者
王旭阳
秦玉海
任思远
Wang Xuyang;Qin Yuhai;Ren Siyuan(Criminal Investigation Police University of China,Shenyang 110854)
出处
《信息安全研究》
CSCD
2023年第10期940-946,共7页
Journal of Information Security Research
