A Static Analysis Model for Implicit Information Leakage in Android Application

被引:0
|
作者
Cao, Hongsheng [1 ]
Jiao, Jian [1 ]
Li, Denghui [2 ]
机构
[1] Beijing Informat Sci & Technol Univ, Sch Comp Sci, Beijing Key Lab Internet Culture & Digital Dissem, Beijing, Peoples R China
[2] Giant Interact Grp Inc, Shanghai, Peoples R China
来源
2018 IEEE 18TH INTERNATIONAL CONFERENCE ON COMMUNICATION TECHNOLOGY (ICCT) | 2018年
关键词
Android application; implicit information flow; structure-related flow model; information leak; mobile security;
D O I
暂无
中图分类号
TM [电工技术]; TN [电子技术、通信技术];
学科分类号
0808 ; 0809 ;
摘要
The privacy information leakage can be divided into explicit and implicit information leakage. The detection of IIF (implicit information flow) is an important task in Android Security research. The IIF mechanisms are significantly different from traditional information leakage, because implicit information leakage adopted program structural changes in the way information is leaked. We find the correlation between basic blocks, control structures and expressions of the three different levels objects, proposal SRFM (Structure-Related Flow Model) to describe the relationship between the implicit flow and the control structure. A prototype system TSDroid (Structure-Related Flow Droid) is developed. The experiment shows that TSDroid can detect the implicit information leakage with more efficiency and higher precision than other traditional methods.
引用
收藏
页码:1133 / 1140
页数:8
相关论文
共 33 条
  • [1] Prevention of Data Leakage due to Implicit Information Flows in Android Applications
    Inayoshi, Hiroki
    Kakei, Shohei
    Takimoto, Eiji
    Mouri, Koichi
    Saito, Shoichi
    2019 14TH ASIA JOINT CONFERENCE ON INFORMATION SECURITY (ASIAJCIS 2019), 2019, : 103 - 110
  • [2] Research on Static Analysis Technology of Android Application Security Defects
    Chen, Lu
    Liu, Xing
    Ma, Yuan-yuan
    Shi, Cong-cong
    Li, Ni-ge
    2016 INTERNATIONAL CONFERENCE ON ELECTRICAL ENGINEERING AND AUTOMATION (ICEEA 2016), 2016,
  • [3] An Evaluation Model for Information Security of Android Application Based on Analytic Hierarchy Process
    Wan Yan
    Wang Guolin
    Feng Xiangyang
    2016 WORLD AUTOMATION CONGRESS (WAC), 2016,
  • [4] Android Application for Event Management and Information Propagation
    Hathaiwichian, Phanuphong
    Siriwittayacharoen, Lapas
    Wongwachirawanich, Apinat
    Ragkhitwetsagul, Chaiyong
    2014 THIRD ICT INTERNATIONAL STUDENT PROJECT CONFERENCE (ICT-ISPC), 2014, : 139 - 142
  • [5] New Results on Permission Based Static Analysis for Android Malware
    Sahin, Durmus Ozkan
    Kural, Oguz Emre
    Akleylek, Sedat
    Kilic, Erdal
    2018 6TH INTERNATIONAL SYMPOSIUM ON DIGITAL FORENSIC AND SECURITY (ISDFS), 2018, : 340 - 343
  • [6] A Novel Android Application Penetration Analysis Method
    Hao Zengshuai
    Meng Leizi
    Zhan Xiong
    Wang Jie
    Yu Jianbo
    PROCEEDINGS OF THE 2017 2ND JOINT INTERNATIONAL INFORMATION TECHNOLOGY, MECHANICAL AND ELECTRONIC ENGINEERING CONFERENCE (JIMEC 2017), 2017, 62 : 29 - 35
  • [7] SANT: Static Analysis of Native Threads for Security Vetting of Android Applications
    Andarzian, Seyed Behnam
    Ladani, Behrouz Tork
    ISECURE-ISC INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 2022, 14 (01): : 13 - 25
  • [8] Android static taint analysis based on multi branch search association
    Tang, Chenghua
    Du, Zheng
    Yang, Mengmeng
    Qiang, Baohua
    COMPUTERS & SECURITY, 2023, 129
  • [9] Characterization of Android Applications with Root Exploit by Using Static Feature Analysis
    Hao, Huikang
    Li, Zhoujun
    He, Yueying
    Ma, Jinxin
    ALGORITHMS AND ARCHITECTURES FOR PARALLEL PROCESSING, ICA3PP 2015, 2015, 9532 : 153 - 165
  • [10] Android Application for Spiral Analysis in Parkinson's Disease
    Surangsrirat, Decho
    Thanawattano, Chusak
    2012 PROCEEDINGS OF IEEE SOUTHEASTCON, 2012,
1234