首页 | 本学科首页   官方微博 | 高级检索  
     

用户友好的Android隐私监管机制
引用本文:黄洁,谭博,谭成翔. 用户友好的Android隐私监管机制[J]. 计算机应用, 2015, 35(3): 751-755. DOI: 10.11772/j.issn.1001-9081.2015.03.751
作者姓名:黄洁  谭博  谭成翔
作者单位:同济大学 电子与信息工程学院, 上海 201804
摘    要:针对安卓(Android)应用过度授权导致的隐私泄露问题,提出了一种用户友好的Android隐私监管机制UFMDroid。该机制使用服务代理重定向技术在Android控制流中插入隐私行为监控和细粒度运行时资源约束模块。UFMDroid通过对安卓市场已有软件的权限进行分层聚类和欧几里得距离度量以构建各类应用的预置权限轮廓,从而过滤可疑权限。UFMDroid通过计算当前权限配置与预置权限的距离获得应用静态威胁值;通过对涉隐私行为分类,同时考虑不同类别隐私行为的个体威胁和组合威胁,为用户提供应用实时威胁量化值。此外,UFMDroid通过提供虚假数据的方式防止应用因权限撤销引发程序崩溃。实验结果表明,UFMDroid可以成功监控应用对21种隐私数据的获取行为并可按用户配置进行隐私行为实时拦截响应,在一定程度上加强隐私保护。

关 键 词:过度授权  隐私保护  预置权限  威胁量化  实时监控  
收稿时间:2014-10-20
修稿时间:2014-11-27

User-friendly privacy monitoring and management mechanism on Android
HUANG Jie , TAN Bo , TAN Chengxiang. User-friendly privacy monitoring and management mechanism on Android[J]. Journal of Computer Applications, 2015, 35(3): 751-755. DOI: 10.11772/j.issn.1001-9081.2015.03.751
Authors:HUANG Jie    TAN Bo    TAN Chengxiang
Affiliation:School of Electronics and Information Engineering, Tongji University, Shanghai 201804, China
Abstract:To solve the excessive authorization problem of Android, this paper proposed a User-Friendly privacy monitoring and management Mechanism on AnDroid named UFMDroid. Proxy redirect technology was used to implement privacy-related behavior monitoring module and fine-grained resources constraint module in Android control flow. UFMDroid analyzed the existing applications on Android market and constructed a permission profile as preset by hierarchical clustering and Euclidean distance metric to filter suspicious authority. A static threat value could be provided by calculating the distance between the preset and the current permission configuration. The privacy-related behaviors of application were classified and both of the individual threat and combination threat were considered in calculating the dynamic runtime threat value. In addition, fake data mechanism was imported to prevent the application from crashing while the permission was withdrawn. The experimental results show that UFMDroid can monitor the usage of 21 different resources and it can intercept the privacy leakage behaviors in accordance with user configuration. UFMDroid can enhance the security of Android to some extent.
Keywords:excessive authorization  privacy protection  preset permission  threat quantification  runtime monitoring
本文献已被 CNKI 万方数据 等数据库收录!
点击此处可从《计算机应用》浏览原始摘要信息
点击此处可从《计算机应用》下载全文
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号