| 基于机器学习的第三方SDK漏洞检测技术研究 |
| |
| 引用本文: | 索蓓蓓.基于机器学习的第三方SDK漏洞检测技术研究[J].单片机与嵌入式系统应用,2021,21(1):19-22. |
| |
| 作者姓名: | 索蓓蓓 |
| |
| 作者单位: | 陕西学前师范学院,西安710061 |
| |
| 基金项目: | 2019年陕西省教育厅专项科学研究计划项目—基于大数据分析的Android系统SDK传输数据安全性研究 |
| |
| 摘 要: | 随着智能手机的普及,手机应用市场的发展也变得如火如荼.开发人员在新应用的开发中,会用到一些第三方提供的SDK,但是其经常存在安全漏洞,对用户的隐私造成威胁.本文基于机器学习的方法设计了针对Android第三方SDK的漏洞检测系统,同时利用设计出的检测系统对常见的50款第三方SDK进行了漏洞测试,发现50个样本中有31个...
|
| 关 键 词: | Android第三方SDK 机器学习 漏洞检测 |
Research on Android Third-party SDK Vulnerability Detection Technology Based on Machine Learning |
| |
| Suo Beibei.Research on Android Third-party SDK Vulnerability Detection Technology Based on Machine Learning[J].Microcontrollers & Embedded Systems,2021,21(1):19-22. |
| |
| Authors: | Suo Beibei |
| |
| Affiliation: | (Shaanxi Xueqian Normal University,Xi'an 710061,China) |
| |
| Abstract: | With the popularity of smart phones,the development of the mobile phone application market has also become in full swing.Developers often use SDKs provided by some third-party in the development of new applications,but they often have security vulnerabilities that pose a threat to users'privacy.Based on the method of machine learning,a vulnerability detection system for Android third-party SDK is designed,and at the same time conducted a vulnerability test using the 50 third-party SDKs common in the designed detection system.It is found that 31 of the 50 samples have vulnerabilities and vulnerabilities.The types mainly include malicious request for sensitive permissions,abuse of HTTP protocol,API misuse and local server vulnerabilities. |
| |
| Keywords: | Android third-party SDK machine learning vulnerability detection |
| 本文献已被 维普 万方数据 等数据库收录! |
|
