| 基于关联分析的Android权限滥用攻击检测系统 |
| |
| 引用本文: | 陈宏伟,熊焰,黄文超,黄建盟.基于关联分析的Android权限滥用攻击检测系统[J].计算机系统应用,2016,25(4):36-42. |
| |
| 作者姓名: | 陈宏伟 熊焰 黄文超 黄建盟 |
| |
| 作者单位: | 中国科学技术大学 计算机科学与技术学院, 合肥 230022,中国科学技术大学 计算机科学与技术学院, 合肥 230022,中国科学技术大学 计算机科学与技术学院, 合肥 230022,中国科学技术大学 计算机科学与技术学院, 合肥 230022 |
| |
| 基金项目: | 国家自然科学基金(61572453,61202404,61520106007,61170233,61232018);安徽省自然科学基金(1508085SQF215);中央高校基本科研基金(WK0110000041) |
| |
| 摘 要: | 为了限制应用软件的行为,Android系统设计了权限机制.然而对于用户授予的权限,Android应用软件却可以不受权限机制的约束,任意使用这些权限,造成潜在的权限滥用攻击.为检测应用是否存在权限滥用行为,提出了一种基于关联分析的检测方法.该方法动态检测应用的敏感行为与用户的操作,并获得两者的关联程度.通过比较待检测应用与良性应用的关联程度的差别,得到检测结果.基于上述方法,设计并实现了一个原型系统DroidDect.实验结果表明,DroidDect可以有效检测出Android应用的权限滥用行为,并具有系统额外开销低等优点.
|
| 关 键 词: | Android安全 权限滥用攻击 关联分析 检测系统 |
| 收稿时间: | 2015/8/16 0:00:00 |
| 修稿时间: | 2015/10/14 0:00:00 |
Association Analysis Based Detection System for Android Permission Abuse Attacks |
| |
| CHEN Hong-Wei,XIONG Yan,HUANG Wen-Chao and HUANG Jian-Meng.Association Analysis Based Detection System for Android Permission Abuse Attacks[J].Computer Systems& Applications,2016,25(4):36-42. |
| |
| Authors: | CHEN Hong-Wei XIONG Yan HUANG Wen-Chao and HUANG Jian-Meng |
| |
| Affiliation: | School of Computer Science and Technology, University of Science and Technology of China, Hefei 230022, China,School of Computer Science and Technology, University of Science and Technology of China, Hefei 230022, China,School of Computer Science and Technology, University of Science and Technology of China, Hefei 230022, China and School of Computer Science and Technology, University of Science and Technology of China, Hefei 230022, China |
| |
| Abstract: | In order to restrict the behaviors of applications, a permission system is designed in Android system. However, for the permissions granted by the users, applications will no longer be restricted and can use these permissions at will, which may cause the potential permission abuse attacks. To detect the permission abuse behaviors of applications, an association analysis based detection method was proposed. This method dynamically detects sensitive behaviors of applications and operations of users, then calculates the degree of association between them. Detection result will be obtained through comparing the differences between detected applications and benign applications. A prototype system named DroidDect was designed and implemented based on the above method. The experimental results show that permission abuse behaviors in Android applications can be effectively detected by DroidDect with advantages including low system overhead. |
| |
| Keywords: | Android security permission abuse attacks association analysis detection system |
|
| 点击此处可从《计算机系统应用》浏览原始摘要信息 |
|
点击此处可从《计算机系统应用》下载全文 |
|
