Article: 2016, Vol. 34, Issue 6: 1074-1081
Cite this article:
Jiang Xu, Zhang Huixiang, Mu Dejun. A Method for Dynamically Monitoring Android Applications[J]. Journal of Northwestern Polytechnical University

A Method for Dynamically Monitoring Android Applications
Jiang Xu, Zhang Huixiang, Mu Dejun
School of Automation, Northwestern Polytechnical University, Xi'an, Shaanxi 710072, China
Abstract:
To address the problem of Android applications acquiring system services without the end user's knowledge, we propose a method for dynamically monitoring applications' acquisition of system services. First, we check whether the application contains third-party libraries; if it does, we check whether those libraries contain sensitive functions. If no sensitive function exists, the application is installed into the monitoring system, an Android system whose call functions have been hooked, and its acquisition of system services is monitored in real time. The experimental results show that, while preventing a malicious application from damaging the monitoring system, the method can monitor in real time an application's calls to system services from either the Java layer or the native layer. The time overhead of the method is also within an acceptable range.
Key words: application programming interface (API); network security; Java programming language; real-time systems; security of data; third-party libraries; hook; system service call; Linux; Android application; dynamic monitoring
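Received: 2016-08-26
Funding: Supported by the National Natural Science Foundation of China (61672433)
About the author: Jiang Xu (born 1983), PhD candidate at Northwestern Polytechnical University; research focuses on Android system security and big data mining.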
