本文已被:浏览 2021次 下载 2409次
Received:August 16, 2015 Revised:October 14, 2015
Received:August 16, 2015 Revised:October 14, 2015
中文摘要: 为了限制应用软件的行为,Android系统设计了权限机制.然而对于用户授予的权限,Android应用软件却可以不受权限机制的约束,任意使用这些权限,造成潜在的权限滥用攻击.为检测应用是否存在权限滥用行为,提出了一种基于关联分析的检测方法.该方法动态检测应用的敏感行为与用户的操作,并获得两者的关联程度.通过比较待检测应用与良性应用的关联程度的差别,得到检测结果.基于上述方法,设计并实现了一个原型系统DroidDect.实验结果表明,DroidDect可以有效检测出Android应用的权限滥用行为,并具有系统额外开销低等优点.
Abstract:In order to restrict the behaviors of applications, a permission system is designed in Android system. However, for the permissions granted by the users, applications will no longer be restricted and can use these permissions at will, which may cause the potential permission abuse attacks. To detect the permission abuse behaviors of applications, an association analysis based detection method was proposed. This method dynamically detects sensitive behaviors of applications and operations of users, then calculates the degree of association between them. Detection result will be obtained through comparing the differences between detected applications and benign applications. A prototype system named DroidDect was designed and implemented based on the above method. The experimental results show that permission abuse behaviors in Android applications can be effectively detected by DroidDect with advantages including low system overhead.
文章编号: 中图分类号: 文献标志码:
基金项目:国家自然科学基金(61572453,61202404,61520106007,61170233,61232018);安徽省自然科学基金(1508085SQF215);中央高校基本科研基金(WK0110000041)
引用文本:
陈宏伟,熊焰,黄文超,黄建盟.基于关联分析的Android权限滥用攻击检测系统.计算机系统应用,2016,25(4):36-42
CHEN Hong-Wei,XIONG Yan,HUANG Wen-Chao,HUANG Jian-Meng.Association Analysis Based Detection System for Android Permission Abuse Attacks.COMPUTER SYSTEMS APPLICATIONS,2016,25(4):36-42
陈宏伟,熊焰,黄文超,黄建盟.基于关联分析的Android权限滥用攻击检测系统.计算机系统应用,2016,25(4):36-42
CHEN Hong-Wei,XIONG Yan,HUANG Wen-Chao,HUANG Jian-Meng.Association Analysis Based Detection System for Android Permission Abuse Attacks.COMPUTER SYSTEMS APPLICATIONS,2016,25(4):36-42
