Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

An Android privacy disclosure behavior detection method and technology based on information flow

A detection technology and privacy leakage technology, applied in the field of mobile security privacy leakage behavior detection technology and system, can solve the problems of dynamic analysis limitation, program interruption, etc., and achieve the effects of expanding the scope, improving the detection rate, and high code coverage

Inactive Publication Date: 2019-01-04
SICHUAN UNIV
View PDF4 Cites 28 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the existing dynamic analysis technology needs to build a good simulation event, which is prone to program interruption. The latest malware has been able to detect that the runtime environment is a virtual machine, which brings limitations to dynamic analysis.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • An Android privacy disclosure behavior detection method and technology based on information flow
  • An Android privacy disclosure behavior detection method and technology based on information flow
  • An Android privacy disclosure behavior detection method and technology based on information flow

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0026] The present invention will be further described below in conjunction with accompanying drawings and examples.

[0027] Such as figure 1 As shown, a method for identifying Android privacy information leakage behavior based on information flow analysis, the steps are as follows.

[0028] The control flow graph building block is based on source code analysis and Jimple intermediate representation. The source code contains method call parameters for component communication, corresponding permissions and intent attributes. The intent information is used to match the called component and transmit privacy information. In order to match the calling component and the called Invoke components, use intent information to match the filter rules of components, and call components need corresponding permissions to access the called components. In order to detect whether there is a privacy information leakage behavior in component communication, the invention defines the API of the cal...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an Android privacy disclosure behavior detection method and a system based on information flow. The method comprises the following steps: 1) extracting components, permissionsand intention filter information from resource files and Dex files to generate a control flow diagram between processes; 2) analyzing the callback sequence of the application program, constructing theCCFG (Callback Function Control Flow Graph), and checking the potential privacy leakage path by using the static stain tracking analysis ICFG and CCFG; 3) extracting context and attribute values of cross-component communication through HOOK key API in customized sandbox, and optimizing privacy information flow constructed by static analysis; 4) the run program tracking and analyzing the dynamic stain, obtaining the path of the flow direction of the privacy information, and simultaneously extracting the context of the path; 5) according to the privacy leakage paths generated by monitoring logsand stain tracking analysis, the redundancy being removed or new privacy leakage paths being added in combination with context information; 6) the general information entropy method and visual clustering method being used to quantitatively analyze the privacy information leakage.

Description

technical field [0001] The invention relates to an Android privacy information leakage behavior detection method and technology based on information flow analysis, belonging to a mobile security privacy leakage behavior detection technology and system. Background technique [0002] Due to the rise of wireless networks and mobile applications, the replacement rate of mobile devices has accelerated, and the number of applications with specific functions has increased dramatically. In the mobile ecosystem, there are corresponding applications for almost everything that users need. Due to the low market threshold, it attracts a large number of developers and even hackers with ulterior motives. The Android system completes data sharing between processes through Binder, and at the same time uses the permission pop-up box to display the permissions requested by the application to the user. Due to the open source characteristics of the Android system and the emergence of more and mo...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/56
CPCG06F21/562G06F21/566G06F2221/033
Inventor 方勇张磊刘亮陈泽峰
Owner SICHUAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com