Similar literature
20 similar documents found (search time 31 ms)
1.
王持恒, 陈晶, 苏涵, 何琨, 杜瑞颖. 《软件学报》 (Journal of Software), 2018, 29(5): 1392-1409
Mobile advertising has become an important marketing channel, is increasingly favoured by application developers, and its market keeps growing. However, in pursuit of precisely targeted delivery and other illicit gains, mobile ads also pose a serious threat to users' privacy and property. Most prior work studies the security risks of ad platforms, advertisers and the host applications; no case of an attack launched directly inside the ad network had been reported. This paper proposes a mobile-ad exploitation method based on the host application's permissions: attack code is planted in the traffic while the application fetches ad content. By intercepting the ad traffic, the host application's identifier and client-side information are extracted, from which the host application's permission list and the WebView vulnerabilities of the current device are obtained indirectly. The paper also proposes an attacker-capability description language from which customised attack payloads are generated automatically. Experiments show that the attack affects a large number of ad-bearing applications, and the analysis of several attack instances confirms that automatic payload generation is feasible. Finally, several defences and hardening measures are proposed, including application-identifier obfuscation, integrity checking of ad content, and protection against man-in-the-middle attacks.

2.
Input validation vulnerabilities are common in Android apps, especially in inter-component communication. Malicious attacks can exploit this kind of vulnerability to bypass the Android security mechanism and compromise the integrity, confidentiality and availability of Android devices. However, so far there is no sound source-code-level approach that lets app developers detect input validation vulnerabilities in Android apps. In this paper, we propose a novel approach for detecting input validation flaws in Android apps and implement a prototype named EasyIVD, which provides practical static analysis of Java source code. EasyIVD leverages backward program slicing to extract transaction and constraint slices from Java source code. It then validates these slices against predefined security rules to detect vulnerabilities of known patterns. To detect vulnerabilities of unknown patterns, EasyIVD extracts implicit security specifications as frequent patterns from duplicated slices and verifies them. EasyIVD then semi-automatically confirms the suspicious rule violations and reports the confirmed ones as vulnerabilities. We evaluate EasyIVD on four versions of original Android apps spanning from version 2.2 to 5.0. It detects 58 vulnerabilities, including confused deputy attacks and denial of service attacks. Our results show that EasyIVD can provide a practical defensive solution for app developers.
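The slice-then-check idea in this abstract is easy to lose in the prose, so here is a toy version of it, added as an illustration and not EasyIVD's code or its Java front end. It works on a hand-built three-address IR (the `Stmt` records, the `guard` control-dependence field and the sample methods are all constructed for this example), computes a backward slice from each sink, and applies one security rule: data read from an incoming Intent must pass a check that control-dominates the sink. The vulnerable method is the confused-deputy pattern the abstract mentions (an exported Activity loading a caller-supplied URL); the hardened one adds an allow-list check whose null test also covers the denial-of-service case of a missing extra.

```python
"""Backward slicing plus a rule check for unvalidated Intent input, in the spirit of EasyIVD
(added example; toy three-address IR, not the paper's tool or its Java front end)."""
from dataclasses import dataclass, field
from typing import List, Optional, Set


@dataclass
class Stmt:
    kind: str                     # 'source' | 'assign' | 'check' | 'sink' | 'other'
    defs: Optional[str] = None    # variable written by this statement, if any
    uses: List[str] = field(default_factory=list)
    guard: Optional[int] = None   # index of the 'check' this statement is control-dependent on
    text: str = ""                # Java-ish rendering, for reports only


def reaching_def(prog: List[Stmt], var: str, before: int) -> Optional[int]:
    """Index of the closest definition of `var` above statement `before` (straight-line code)."""
    for j in range(before - 1, -1, -1):
        if prog[j].defs == var:
            return j
    return None


def backward_slice(prog: List[Stmt], target: int) -> Set[int]:
    """Statements the target depends on: data deps via reaching defs, control deps via `guard`."""
    sliced: Set[int] = set()
    work = [target]
    while work:
        i = work.pop()
        if i in sliced:
            continue
        sliced.add(i)
        for v in prog[i].uses:
            d = reaching_def(prog, v, i)
            if d is not None:
                work.append(d)
        if prog[i].guard is not None:
            work.append(prog[i].guard)
    return sliced


def classify_sink(prog: List[Stmt], sink: int) -> str:
    """Security rule: data read from an incoming Intent must pass a check that guards the sink."""
    sl = backward_slice(prog, sink)
    tainted: Set[str] = set()
    for i in sorted(sl):                      # forward taint propagation inside the slice
        s = prog[i]
        if s.kind == "source" and s.defs:
            tainted.add(s.defs)
        elif s.defs and set(s.uses) & tainted:
            tainted.add(s.defs)
    if not tainted:
        return "clean"
    # A 'check' can only enter the slice through control dependence, so its presence means the
    # sink really is guarded by it, not merely that a validation result was computed and ignored.
    guarded = any(prog[i].kind == "check" and set(prog[i].uses) & tainted for i in sl)
    return "validated" if guarded else "unvalidated-input"


def analyze(prog: List[Stmt]) -> List[tuple]:
    """Report (sink text, verdict) for every sink in the method."""
    return [(s.text, classify_sink(prog, i)) for i, s in enumerate(prog) if s.kind == "sink"]


# Constructed IR for a confused-deputy pattern: an exported Activity loads whatever URL the
# caller's Intent carries.  Hypothetical app code, not taken from any paper or real app.
VULNERABLE = [
    Stmt("source", "uri", [], None, 'String uri = getIntent().getStringExtra("uri");'),
    Stmt("assign", "u", ["uri"], None, "Uri u = Uri.parse(uri);"),
    Stmt("sink", None, ["u"], None, "webView.loadUrl(u.toString());"),
]

# Same code with an allow-list check that dominates the sink; the null test covers the DoS case.
HARDENED = [
    Stmt("source", "uri", [], None, 'String uri = getIntent().getStringExtra("uri");'),
    Stmt("check", None, ["uri"], None, 'if (uri == null || !uri.startsWith("https://trusted.example/")) return;'),
    Stmt("assign", "u", ["uri"], 1, "Uri u = Uri.parse(uri);"),
    Stmt("sink", None, ["u"], 1, "webView.loadUrl(u.toString());"),
]

if __name__ == "__main__":
    for name, prog in (("vulnerable", VULNERABLE), ("hardened", HARDENED)):
        for text, verdict in analyze(prog):
            print(f"{name}: {verdict:18s} {text}")
```

The slice is intra-procedural and assumes straight-line code with explicit control dependences; a real front end (EasyIVD works on Java source) has to build the control-flow graph and handle calls, which is where most of the engineering effort goes.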

3.
SSL/TLS validations such as certificate and public key pinning can reinforce the security of encrypted communications between Internet-of-Things devices and remote servers and protect the privacy of users. However, such implementations complicate forensic analysis and the detection of information disclosure, for instance when a mobile app breaches a user's privacy by sending sensitive information to third parties. It is therefore crucial to develop the capacity to vet mobile apps that augment the security of their SSL/TLS traffic. In this paper, we propose a technique to bypass the system's default certificate validation as well as the built-in SSL/TLS validations performed in iOS apps. We then demonstrate its utility by analysing 40 popular iOS social networking, electronic payment, banking, and cloud computing apps.

4.
马凯, 郭山清. 《软件学报》 (Journal of Software), 2018, 29(5): 1379-1391
Today many Android developers embed third-party SDKs in their applications to shorten development time. A third-party SDK is a toolkit developed by a third-party service company such as an advertising platform, data provider, social network or map-service provider, and such SDKs have become an important part of the Android ecosystem. Worryingly, a security vulnerability in one SDK makes every application that bundles it vulnerable, which seriously affects the security of the whole ecosystem. We therefore selected 129 popular third-party SDKs on the market and analysed their security comprehensively. To improve accuracy, we analysed each SDK's demo application, using analysis methods that have proved effective on Android apps (static taint tracking, dynamic taint tracking, dynamic binary instrumentation and so on) and tools such as FlowDroid and DroidBox. The results show that more than 60% of the selected SDKs contain vulnerabilities of various kinds (misuse of HTTP, incorrect SSL/TLS configuration, abuse of sensitive permissions, identification, local services, information leakage through logs, developer mistakes), which threatens the users of the applications that embed them.

5.
SSL/TLS is one of the most widely used security protocols for communication security and authentication and plays a major role in securing information systems. Because of its complexity, however, Web sites that implement and deploy SSL/TLS easily end up with implementation bugs, deployment misconfigurations and certificate and key management problems. Such issues occur frequently on Web sites and have caused many security incidents affecting large numbers of sites. To address the shortage of tools, the narrow scope of existing checks and the lack of detailed analysis and recommendations in Web-site security assessment, this paper designs and implements a scanning and analysis system for vulnerabilities in the SSL/TLS deployment configuration of Web sites. The system scans and analyses three aspects: basic SSL/TLS configuration, supported cipher suites, and tests for mainstream attacks. It was then used to scan the Alexa top one million sites; detailed statistics and analysis revealed serious problems, including widespread support for the insecure 3DES cipher suites, support for the key OCSP Stapling extension below 25%, and a substantial number of sites still vulnerable to Heartbleed. Finally, solutions or recommendations are given for the main problems found in the scan results.
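What the abstract's three scan dimensions look like as a grading policy, as an added example that is not the paper's system: `grade()` turns a scan record (protocol versions, offered cipher suites, OCSP stapling, Heartbleed test result) into severity-ranked findings, and `weak_ciphers()` is the 3DES/RC4/export/NULL filter behind the "3DES widely supported" statistic. The thresholds encode common hardening guidance, not the paper's exact rule set. The sample record and the host name are constructed. `enumerate_ciphers()` is a live helper using only the standard library; it is not run in the offline demo and is there to show how suite support is measured: one handshake per suite, with a context restricted to that suite.

```python
"""Grade one site's SSL/TLS deployment from scan data (added example, not the paper's scanner).
The thresholds encode common hardening guidance (no 3DES/RC4/export/NULL/anonymous suites,
TLS 1.2 or 1.3 available, OCSP stapling on, Heartbleed patched); they are not the paper's rule set."""
import socket
import ssl
from typing import Dict, List, Tuple

Finding = Tuple[str, str]  # (severity, message)
SEVERITY_ORDER = {"critical": 0, "high": 1, "medium": 2, "low": 3}
DEPRECATED_PROTOCOLS = {"SSLv2": "critical", "SSLv3": "high", "TLSv1": "medium", "TLSv1.1": "medium"}
# OpenSSL suite-name fragments that mark broken or weak suites.
BROKEN_MARKERS = ("NULL", "EXP-", "EXPORT", "ADH-", "AECDH-")          # no encryption, export grade, no auth
WEAK_MARKERS = BROKEN_MARKERS + ("3DES", "DES-CBC3", "DES-CBC-", "RC4", "-MD5")


def weak_ciphers(ciphers: List[str]) -> List[str]:
    return [c for c in ciphers if any(m in c.upper() for m in WEAK_MARKERS)]


def grade(scan: Dict) -> List[Finding]:
    """Turn a scan record into findings ordered by severity."""
    findings: List[Finding] = []
    protocols = scan.get("protocols", [])
    if scan.get("heartbleed"):
        findings.append(("critical", "Heartbleed (CVE-2014-0160): unpatched heartbeat extension"))
    for proto in protocols:
        if proto in DEPRECATED_PROTOCOLS:
            findings.append((DEPRECATED_PROTOCOLS[proto], f"deprecated protocol enabled: {proto}"))
    if not {"TLSv1.2", "TLSv1.3"} & set(protocols):
        findings.append(("high", "neither TLS 1.2 nor TLS 1.3 is offered"))
    for c in weak_ciphers(scan.get("ciphers", [])):
        sev = "high" if any(m in c.upper() for m in BROKEN_MARKERS) else "medium"
        findings.append((sev, f"weak cipher suite offered: {c}"))
    if scan.get("ocsp_stapling") is False:
        findings.append(("low", "OCSP stapling not enabled; revocation checks fall back to the CA responder or soft-fail"))
    return sorted(findings, key=lambda f: SEVERITY_ORDER[f[0]])


def enumerate_ciphers(host: str, port: int = 443, timeout: float = 5.0) -> List[str]:
    """Live helper, not exercised offline: offer one TLS 1.2-and-below suite per handshake and keep
    the ones the server accepts.  TLS 1.3 suites cannot be selected through set_ciphers(), so they
    are not enumerated here."""
    base = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    base.set_ciphers("ALL:COMPLEMENTOFALL:@SECLEVEL=0")   # include weak suites so we can test for them
    names = [c["name"] for c in base.get_ciphers() if c["protocol"] != "TLSv1.3"]
    accepted: List[str] = []
    for name in names:
        ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
        ctx.maximum_version = ssl.TLSVersion.TLSv1_2
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE            # measuring the server, not trusting it
        try:
            ctx.set_ciphers(f"{name}:@SECLEVEL=0")
            with socket.create_connection((host, port), timeout=timeout) as raw:
                with ctx.wrap_socket(raw, server_hostname=host) as tls:
                    accepted.append(tls.cipher()[0])
        except (ssl.SSLError, OSError):
            continue
    return accepted


# Constructed scan record shaped like a scanner's output; not a real host.
SAMPLE_SCAN = {
    "host": "www.example.test",
    "protocols": ["TLSv1", "TLSv1.1", "TLSv1.2"],
    "ciphers": ["ECDHE-RSA-AES128-GCM-SHA256", "AES256-SHA", "DES-CBC3-SHA", "ECDHE-RSA-DES-CBC3-SHA"],
    "ocsp_stapling": False,
    "heartbleed": False,
}

if __name__ == "__main__":
    for sev, msg in grade(SAMPLE_SCAN):
        print(f"[{sev}] {msg}")
```

OCSP stapling status and the Heartbleed test cannot be read from a normal handshake with the `ssl` module; they come from a dedicated scanner (the abstract's system, or `openssl s_client -status` for stapling), which is why the demo consumes a scan record rather than probing.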

6.
The number of mobile applications (apps) and mobile devices has increased considerably over the past few years. Online app markets, such as the Google Play Store, use a star-rating mechanism to quantify the user-perceived quality of mobile apps. Users may rate apps on a five-point (star) scale, where five stars is the highest rating. Given the importance of a high star rating to the success of an app, recent studies continue to explore the relationship between app attributes, such as User Interface (UI) complexity, and user-perceived quality. However, user-perceived quality reflects the users' experience of using an app on a particular mobile device, so it is not determined by app attributes alone. In this paper, we study the relation of both device attributes and app attributes with the user-perceived quality of Android apps from the Google Play Store. We study 20 device attributes, such as the CPU and the display size, and 13 app attributes, such as code size and UI complexity. Our study is based on data from 30 types of Android mobile devices and 280 Android apps. We use linear mixed effect models to identify the device attributes and app attributes with the strongest relationship with user-perceived quality. We find that code size has the strongest relationship with user-perceived quality. However, some device attributes, such as the CPU, have stronger relationships with user-perceived quality than some app attributes, such as the number of UI inputs and outputs of an app. Our work helps both device manufacturers and app developers. Manufacturers can focus on the attributes that have significant relationships with user-perceived quality, and app developers should be careful about the devices for which they make their apps available, because device attributes have a strong relationship with the ratings that users give to apps.

7.
To let developers use third-party library interfaces safely and correctly, library designers provide various security tips (security specifications) that protect applications from attacks caused by misuse of library functions. Studies show, however, that developers frequently fail to follow these specifications, introducing all kinds of vulnerabilities into their applications. To assess the impact and scale of the problem, a systematic, large-scale study of security-specification violations in Android applications was conducted. The results show that the effectiveness of existing security specifications in practice is greatly reduced by imprecise descriptions, misleading code samples, wrong default settings, fragmentation and the absence of mandatory checks. To help developers follow security specifications, TipTracer, an automated general-purpose vulnerability analysis framework, is proposed. TipTracer has two main parts: 1) a security language in which security specifications can be described formally, used to formalise the known specifications; 2) a static code analyser that checks whether an application satisfies those specifications. Finally, large-scale experiments show that TipTracer can analyse large numbers of real-world applications effectively and accurately.
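A minimal version of the specification-plus-checker split described here, serving both this entry and the SDK misuse classes listed in entry 4 (HTTP misuse, SSL/TLS misconfiguration, leakage through logs, misleading defaults), added as an illustration and not TipTracer's language, its analyser, or the tools from entry 4. Each `Rule` is a formalised tip: a `trigger` pattern for the API of interest and, optionally, a `requires` pattern that must accompany it. The rules and the two Java snippets (a careless hypothetical ad SDK and its corrected form) are constructed for this example; the APIs named in them are real Android/Java APIs, and the `Cipher.getInstance("AES")` rule encodes the real fact that the bare "AES" transformation defaults to ECB mode.

```python
"""Spec-driven static checks over Java source, in the spirit of TipTracer's security language and the
SDK misuse classes of entry 4 (added example; the rules are illustrative, not either paper's rule set)."""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    name: str
    trigger: str                       # regex: a match means the API of interest is used
    requires: Optional[str] = None     # regex that must also appear in the file when trigger matches
    message: str = ""


RULES = [
    Rule("cleartext-http", r'"http://[^"]+"', message="cleartext HTTP endpoint; use https://"),
    Rule("trust-all-manager", r"checkServerTrusted\s*\([^)]*\)\s*(throws[^{]*)?\{\s*\}",
         message="TrustManager with an empty checkServerTrusted accepts every certificate"),
    Rule("hostname-verifier-disabled",
         r"(ALLOW_ALL_HOSTNAME_VERIFIER|boolean\s+verify\s*\([^)]*\)\s*\{\s*return\s+true\s*;)",
         message="hostname verification disabled"),
    Rule("aes-default-ecb", r'Cipher\.getInstance\(\s*"AES"\s*\)',
         message='"AES" alone defaults to AES/ECB/PKCS5Padding; name mode and padding explicitly'),
    Rule("secret-in-log", r"Log\.[vdiwe]\([^;]*?(token|password|secret|apiKey)",
         message="sensitive value written to logcat"),
    Rule("js-interface-unannotated", r"addJavascriptInterface\(", requires=r"@JavascriptInterface",
         message="addJavascriptInterface used but no method carries @JavascriptInterface"),
]

Violation = Tuple[str, int, str]  # (rule name, 1-based line, message)


def check(source: str, rules: List[Rule] = RULES) -> List[Violation]:
    """Run every rule over one source file and return violations in line order."""
    out: List[Violation] = []
    for rule in rules:
        for m in re.finditer(rule.trigger, source, re.DOTALL):
            if rule.requires and re.search(rule.requires, source):
                continue                                   # the mandated companion is present
            line = source.count("\n", 0, m.start()) + 1
            out.append((rule.name, line, rule.message))
    return sorted(out, key=lambda v: v[1])


# Constructed Java for a hypothetical ad SDK; not from any real SDK.
BAD_SDK = """\
package com.example.adsdk;
import android.util.Log;
public class AdClient {
    static final String ENDPOINT = "http://ads.example.test/v1/track";
    void init(String apiKey) {
        Log.d("AdSDK", "init with apiKey=" + apiKey);
        TrustManager tm = new X509TrustManager() {
            public void checkServerTrusted(X509Certificate[] c, String a) throws CertificateException {}
            public void checkClientTrusted(X509Certificate[] c, String a) throws CertificateException {}
            public X509Certificate[] getAcceptedIssuers() { return null; }
        };
        HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
            public boolean verify(String host, SSLSession s) { return true; }
        });
        Cipher cipher = Cipher.getInstance("AES");
        webView.addJavascriptInterface(new Bridge(), "bridge");
    }
}
"""

# The same SDK after following the tips: https, platform trust store, explicit GCM, annotated bridge.
GOOD_SDK = """\
package com.example.adsdk;
import android.webkit.JavascriptInterface;
public class AdClient {
    static final String ENDPOINT = "https://ads.example.test/v1/track";
    class Bridge { @JavascriptInterface public String version() { return "1.0"; } }
    void init(String apiKey) {
        Log.d("AdSDK", "init ok");
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        webView.addJavascriptInterface(new Bridge(), "bridge");
    }
}
"""

if __name__ == "__main__":
    for name, line, msg in check(BAD_SDK):
        print(f"AdClient.java:{line}: {name}: {msg}")
    print("hardened file:", check(GOOD_SDK))
```

Text-level rules like these are cheap and catch the common misuse patterns, but they see neither data flow nor the target SDK level (the `@JavascriptInterface` requirement, for instance, only matters for what gets exposed on API 17 and above), which is why TipTracer pairs the specification language with a proper static analyser.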

8.
Android is extensively used worldwide by mobile application developers. Android provides applications with a message passing system to communicate within and between them. Because of the risks associated with this system, it is vital to detect its unsafe operations and potential vulnerabilities. To achieve this goal, a new framework called VAnDroid, based on Model Driven Reverse Engineering (MDRE), is presented that identifies security risks and vulnerabilities related to the Android application communication model. In the proposed framework, security-related information included in an Android app is automatically extracted and represented as a domain-specific model, which is then used to analyse security configurations and identify vulnerabilities in the corresponding application. The framework is implemented as an Eclipse-based tool that automatically identifies Intent Spoofing and Unauthorized Intent Receipt, two attacks related to the Android application communication model. To evaluate the tool, it has been applied to several real-world Android applications, including 20 apps from Google Play and 110 apps from the F-Droid repository. VAnDroid is also compared with several existing analysis tools and is shown to have a number of key advantages over them, specifically its high correctness, scalability, and usability in discovering vulnerabilities. The results indicate the effectiveness and capacity of VAnDroid as a promising approach in the field of Android security.

9.
Android productivity apps give users constant access to the information and work capabilities they need. With hundreds of productivity apps available in the Android app market, it is necessary to develop a taxonomy that lets forensic investigators and end users know what personal data remnants productivity apps leave behind. In this paper, 30 popular Android productivity apps were examined. A logical extraction of the Android phone was collected with the well-known mobile forensic tool XRY to extract information of forensic interest such as the user's e-mail ID and list of tasks. Based on the findings, a two-dimensional taxonomy of the forensic artefacts of productivity apps is proposed, with the app categories in one dimension and the classes of artefacts in the other. The artefacts identified in the study of the apps are summarised using the taxonomy. In addition, a comparison with existing forensic taxonomies of other categories of Android apps is provided to facilitate timely collection and analysis of evidentiary material from mobile devices.

10.
Android provides several mechanisms for interaction between applications; among them, exported activities (EA) can be invoked by other applications at run time without complex cross-process interaction. Much current research focuses on functional testing of GUI components, but because an Android application usually does not launch its own exported activities internally, exported activities are sometimes hard to cover. This paper proposes a systematic method for testing exported activities: it generates a set of proxy applications that act as test drivers and launch the exported activities of the application under test. First, static analysis parses the APK file and extracts the list of exported activities together with the keys and types of the data needed to launch them; second, that data is filled into prepared templates to generate the test-driver applications. A prototype tool, EASTER, was built on this method and evaluated on real applications. The experiments found 65 exported activities across the tested applications, 20 of which had vulnerabilities when launched by an external application.
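The manifest side of what entries 8 and 10 both start from, as an added example that is neither VAnDroid nor EASTER: parse `AndroidManifest.xml`, work out which components are exported (explicit `android:exported`, or the pre-Android-12 default that an intent-filter implies exported), list the ones no permission guards (the Intent Spoofing surface of entry 8), and emit one `adb shell am start` line per exported activity as a command-line stand-in for entry 10's generated driver apps. The extra keys and types that EASTER recovers from the code are passed in by the caller here, since a manifest does not contain them. The sample manifest and package name are constructed. The Unauthorized Intent Receipt side (implicit Intents the app sends) needs code analysis and is not covered by this example.

```python
"""Exported-component analysis of an AndroidManifest.xml (added example for entries 8 and 10; not the
VAnDroid or EASTER tool).  Lists the Intent-spoofing surface, the components that Android 12+ refuses
for lack of an explicit android:exported, and `am start` test-driver lines for exported activities."""
import xml.etree.ElementTree as ET
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

ANDROID_NS = "http://schemas.android.com/apk/res/android"
COMPONENT_TAGS = ("activity", "activity-alias", "service", "receiver", "provider")
# am start flags for typed extras; probe values are deliberately boring so a crash is the only signal.
TYPE_FLAG = {"string": ("--es", "probe"), "int": ("--ei", "0"), "boolean": ("--ez", "true"), "long": ("--el", "0")}


def attr(el: ET.Element, name: str) -> Optional[str]:
    return el.get(f"{{{ANDROID_NS}}}{name}")


@dataclass
class Component:
    kind: str
    name: str
    exported: bool
    explicit_exported: bool
    permission: Optional[str]
    actions: List[str] = field(default_factory=list)


def parse_manifest(xml_text: str) -> Tuple[str, List[Component]]:
    root = ET.fromstring(xml_text)
    pkg = root.get("package")
    comps: List[Component] = []
    for el in root.find("application"):
        if el.tag not in COMPONENT_TAGS:
            continue
        name = attr(el, "name") or ""
        if name.startswith("."):
            name = pkg + name
        elif "." not in name:
            name = f"{pkg}.{name}"
        filters = el.findall("intent-filter")
        actions = [attr(a, "name") for f in filters for a in f.findall("action")]
        ex = attr(el, "exported")
        # Pre-Android-12 default: a component with an intent-filter is exported unless told otherwise.
        exported = (ex == "true") if ex is not None else bool(filters)
        comps.append(Component(el.tag, name, exported, ex is not None, attr(el, "permission"), actions))
    return pkg, comps


def spoofing_surface(comps: List[Component]) -> List[Component]:
    """Exported and not guarded by a permission: any app can send it an Intent (Intent spoofing)."""
    return [c for c in comps if c.exported and not c.permission]


def missing_explicit_exported(comps: List[Component]) -> List[Component]:
    """Has intent-filters but no android:exported; apps targeting API 31+ fail to install like this."""
    return [c for c in comps if c.actions and not c.explicit_exported]


def driver_commands(pkg: str, comps: List[Component],
                    extras: Optional[Dict[str, Dict[str, str]]] = None) -> List[str]:
    """One `adb shell am start` line per exported activity, with typed extras where the caller knows them."""
    extras = extras or {}
    cmds: List[str] = []
    for c in comps:
        if c.kind not in ("activity", "activity-alias") or not c.exported:
            continue
        parts = ["adb shell am start -n", f"{pkg}/{c.name}"]
        if c.actions:
            parts += ["-a", c.actions[0]]
        for key, typ in extras.get(c.name, {}).items():
            flag, value = TYPE_FLAG[typ]
            parts += [flag, key, value]
        cmds.append(" ".join(parts))
    return cmds


# Constructed manifest for a hypothetical notes app; not from any real application.
SAMPLE_MANIFEST = """\
<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.notes">
  <application>
    <activity android:name=".MainActivity">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
      </intent-filter>
    </activity>
    <activity android:name=".ShareReceiverActivity">
      <intent-filter>
        <action android:name="android.intent.action.SEND"/>
        <data android:mimeType="text/plain"/>
      </intent-filter>
    </activity>
    <activity android:name=".DebugActivity" android:exported="true"/>
    <activity android:name=".SettingsActivity" android:exported="false"/>
    <receiver android:name=".SyncReceiver" android:permission="com.example.notes.permission.SYNC">
      <intent-filter><action android:name="com.example.notes.SYNC"/></intent-filter>
    </receiver>
    <service android:name=".ExportService" android:exported="true"/>
  </application>
</manifest>
"""

if __name__ == "__main__":
    pkg, comps = parse_manifest(SAMPLE_MANIFEST)
    for c in spoofing_surface(comps):
        print(f"spoofable {c.kind}: {c.name} actions={c.actions}")
    for cmd in driver_commands(pkg, comps, {f"{pkg}.ShareReceiverActivity": {"android.intent.extra.TEXT": "string"}}):
        print(cmd)
```

Run the generated lines with `adb logcat` open: an uncaught exception on launch (typically a NullPointerException from a missing extra) is the denial-of-service class that both entry 8 and entry 10 count as a vulnerability. The launcher activity is included in the surface deliberately; it is exported by design, but it still receives whatever extras a caller attaches.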

11.
Design and implementation of an SSL/TLS-based Web security proxy (cited 6 times: 0 self-citations, 6 by others)
An SSL Web proxy can effectively protect data transmitted over the Internet and Web servers that hold sensitive information. However, the performance bottleneck caused by the heavy data processing in SSL, and the security threats faced by protocol implementations, seriously reduce the usefulness of an SSL Web proxy. Based on an analysis of the performance and security of SSL/TLS, this paper designs and implements an efficient and secure SSL/TLS Web proxy.

12.
Rapidly increasing numbers of applications and users make mobile application development one of the most promising fields in software engineering. Because of short time to market, differing platforms, and fast emerging technologies, mobile application development faces typical challenges where model-driven development (MDD) can help. We present a modeling language and an infrastructure for the MDD of native apps on Android and iOS. Our approach allows flexible app development on different abstraction levels: compact modeling of standard app elements such as standard data management, and increasingly detailed modeling of individual elements to cover, for example, specific behavior. Moreover, a kind of variability modeling is supported so that mobile apps with variants can be developed. We demonstrate our MDD approach with several apps, including a conference app, a museum guide with augmented reality functionality, and a SmartPlug.

13.
Android supports a seamless user experience by maintaining activities from different applications (apps) in the same activity stack. Although such close inter-app communication is essential in the Android framework, the powerful inter-app communication contains vulnerabilities that allow malicious activities to be injected into a victim app's activity stack to hijack user interaction flows. In this article, we demonstrate activity injection attacks with a simple malware, and formally specify the activity activation mechanism using operational semantics. Based on the operational semantics, we develop a static analysis tool that analyzes Android apps to detect activity injection attacks. Our tool is fast enough to analyze real-world Android apps in 6 seconds on average, and our experiments found that 1761 out of 129,756 real-world Android apps inject their activities into other apps' tasks. Moreover, we propose a defense mechanism, dubbed signature-based activity access control (SAAC), which completely prohibits activity injection attacks. The defense mechanism is general enough to keep the current Android multitasking features intact, and simple enough to be independent of the complex activity activation semantics, so it does not noticeably increase activity activation time. By extending the formal semantics with SAAC, we prove that SAAC correctly mitigates activity injection attacks without any false alarms.
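A small executable model of the attack and the defence described above, added as an illustration and not the paper's operational semantics or its SAAC implementation. It keeps only the part of task selection that the attack abuses: an activity started with `FLAG_ACTIVITY_NEW_TASK` (or from a non-activity context) joins whichever existing task has a matching `taskAffinity`, so a malicious app that declares the victim's affinity lands on top of the victim's task. The policy used for the SAAC-style check, "an activity may join a task only if it is signed with the same key as that task's root activity", and the fallback of sending a rejected activity to its own app's task, are assumptions made for this example, as are the package names, the signer labels and the scenario.

```python
"""Model of activity injection through taskAffinity and a signature-based access check in the
spirit of SAAC (added example; a deliberately simplified model of task selection, not the paper's
operational semantics).  The same-signer policy and the fallback to the app's own task are
assumptions about SAAC's rule, not taken from the paper."""
from dataclasses import dataclass, field
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Activity:
    app: str         # package name
    name: str
    affinity: str    # android:taskAffinity; Android defaults it to the package name
    signer: str      # stands in for the signing certificate


@dataclass
class Task:
    affinity: str
    stack: List[Activity] = field(default_factory=list)   # bottom ... top

    @property
    def root(self) -> Activity:
        return self.stack[0]

    @property
    def top(self) -> Activity:
        return self.stack[-1]


class ActivityManager:
    def __init__(self, saac: bool = False) -> None:
        self.tasks: List[Task] = []
        self.saac = saac
        self.blocked: List[Tuple[Activity, str]] = []   # (activity, affinity of the task it was kept out of)

    def find_task(self, affinity: str) -> Optional[Task]:
        return next((t for t in self.tasks if t.affinity == affinity), None)

    def _new_task(self, affinity: str) -> Task:
        t = Task(affinity)
        self.tasks.append(t)
        return t

    def start(self, act: Activity, caller_task: Optional[Task] = None, new_task: bool = False) -> Task:
        """Simplified selection: without FLAG_ACTIVITY_NEW_TASK the activity joins the caller's task;
        with it (or from a non-activity context) the system looks for a task with the same affinity.
        That lookup is what a malicious app abuses by declaring the victim's affinity."""
        if caller_task is not None and not new_task:
            target = caller_task
        else:
            target = self.find_task(act.affinity) or self._new_task(act.affinity)
        if self.saac and target.stack and target.root.signer != act.signer:
            # SAAC-style check: a different signer than the task's root may not enter that task.
            self.blocked.append((act, target.affinity))
            target = self.find_task(act.app) or self._new_task(act.app)   # assumed fallback: own task
        target.stack.append(act)
        return target


def scenario(saac: bool) -> Tuple[str, int]:
    """Returns (package of the activity on top of the bank's task, number of blocked injections)."""
    am = ActivityManager(saac=saac)
    bank_main = Activity("com.bank", "MainActivity", "com.bank", "KEY_BANK")
    bank_pay = Activity("com.bank", "PayActivity", "com.bank", "KEY_BANK")
    # Hypothetical malware declaring android:taskAffinity="com.bank" for its look-alike login screen.
    fake_login = Activity("com.evil", "FakeLoginActivity", "com.bank", "KEY_EVIL")
    bank_task = am.start(bank_main)                 # user opens the bank app
    am.start(bank_pay, caller_task=bank_task)       # normal in-app navigation
    am.start(fake_login, new_task=True)             # malware calls startActivity from a background context
    return bank_task.top.app, len(am.blocked)


if __name__ == "__main__":
    print("without SAAC: top of bank task =", scenario(False))
    print("with SAAC:    top of bank task =", scenario(True))
```

The model says nothing about `launchMode`, `allowTaskReparenting` or the recents list, all of which give an attacker further routes into a task; a static analysis that wants to find the 1761 injecting apps mentioned above has to reason about those attributes too, which is what the paper's formal semantics is for.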

14.
Smartphone and automotive technologies are rapidly converging, letting drivers enjoy communication and infotainment facilities and monitor in-vehicle functions via on-board diagnostics (OBD) technology. Among the automotive apps available in app stores, Android Auto infotainment and OBD-II apps are widely used and are the most popular choice for smartphone-to-car interaction. Automotive apps have the potential of turning cars into smartphones on wheels, but they can also be the gateway for attacks. This paper defines a static analysis that identifies potential security risks in Android infotainment and OBD-II apps. It identifies a set of potential security threats and presents an actual static analyzer for such apps. The analyzer has been applied to most of the highly rated infotainment apps available in the Google Play store, as well as to the available open-source OBD-II apps, against a set of possible exposure scenarios. Results show that almost 60% of such apps are potentially vulnerable and that 25% pose security threats related to the execution of JavaScript. The analysis of the OBD-II apps shows the possibility of severe controller area network injections and of privacy violations through leaks of sensitive information.

15.
Mobile cloud computing augments resource-constrained mobile devices so that they can run rich mobile applications by leveraging cloud resources and services. Compute-intensive mobile apps require significant communication resources to migrate code from the mobile device to the cloud. For such apps, distributed application execution frameworks (DAEF) have been proposed in the literature. These frameworks either migrate the mobile app code at runtime or keep the app synchronized with another, remotely executed copy on the cloud. Frameworks also support live migration of mobile apps to cater for compute-node mobility. One key research question is how successful these DAEFs are in achieving seamless application execution under various network conditions. Answering it entails formal analysis of the DAEFs to determine realistic bounds on propagation delay, bandwidth and application interaction with the mobile device for various types and sizes of apps. In this research, we apply formal analysis techniques to define the execution time of the app and the time required for code migration. We also define three conditions for seamless application execution. Given realistic values for processor speed, application executable size, the possible number of executed instructions, network propagation delay and transmission delay, we show which components of the mobile app need to be migrated to the cloud during execution. Finally, we compute realistic bounds for the app size that can be executed seamlessly, based on features that include cloud and device resources, bandwidth and latency profile.
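To make the quantities named in this abstract concrete, here is a back-of-the-envelope offloading model, added as an illustration: the timing model, the three conditions checked by `seamless()` and the size bound in `max_code_bytes()` are a simplified reading of the passage and are not the paper's formal definitions or its exact conditions. The processor speeds, link parameters and component sizes are constructed figures.

```python
"""Back-of-the-envelope model of offloading a component to the cloud (added example; the timing
model and the three conditions are a simplified reading of the passage, not the paper's formal
definitions or its exact conditions)."""
from dataclasses import dataclass
from typing import Dict


@dataclass(frozen=True)
class Link:
    prop_delay_s: float    # one-way propagation delay
    bandwidth_bps: float   # usable throughput, bits per second


@dataclass(frozen=True)
class Component:
    code_bytes: int        # executable/state that has to be shipped to the cloud
    instructions: float    # instructions the component executes
    result_bytes: int      # state shipped back to the device


def transfer_time(nbytes: int, link: Link) -> float:
    """Propagation delay plus serialisation delay for one direction."""
    return link.prop_delay_s + nbytes * 8 / link.bandwidth_bps


def local_time(comp: Component, device_ips: float) -> float:
    return comp.instructions / device_ips


def remote_time(comp: Component, link: Link, cloud_ips: float) -> float:
    """Migrate code up, execute remotely, ship the result back."""
    return (transfer_time(comp.code_bytes, link)
            + comp.instructions / cloud_ips
            + transfer_time(comp.result_bytes, link))


def seamless(comp: Component, link: Link, device_ips: float, cloud_ips: float, budget_s: float) -> Dict[str, bool]:
    """Illustrative conditions: (1) offloading beats local execution, (2) the migration itself fits
    in the interaction delay the user tolerates, (3) the whole remote round-trip fits in it too."""
    return {
        "speedup": remote_time(comp, link, cloud_ips) < local_time(comp, device_ips),
        "migration_within_budget": transfer_time(comp.code_bytes, link) <= budget_s,
        "round_trip_within_budget": remote_time(comp, link, cloud_ips) <= budget_s,
    }


def max_code_bytes(link: Link, budget_s: float) -> float:
    """Largest component migratable within the budget: solve transfer_time(size, link) = budget_s."""
    return max(0.0, (budget_s - link.prop_delay_s) * link.bandwidth_bps / 8)


# Constructed figures: a ~1 GIPS phone, a 10 GIPS cloud VM, a 10 Mbit/s link with 50 ms one-way delay,
# and a 1 Mbit/s link for comparison.
PHONE_IPS, CLOUD_IPS = 1e9, 1e10
LTE = Link(prop_delay_s=0.05, bandwidth_bps=10e6)
SLOW = Link(prop_delay_s=0.05, bandwidth_bps=1e6)
IMAGE_FILTER = Component(code_bytes=2_000_000, instructions=5e9, result_bytes=100_000)

if __name__ == "__main__":
    print("local %.2fs, remote %.2fs" % (local_time(IMAGE_FILTER, PHONE_IPS), remote_time(IMAGE_FILTER, LTE, CLOUD_IPS)))
    print(seamless(IMAGE_FILTER, LTE, PHONE_IPS, CLOUD_IPS, budget_s=3.0))
    print("max migratable size on LTE within 3 s: %.0f bytes" % max_code_bytes(LTE, 3.0))
```

On the constructed numbers the 2 MB component offloads in 2.28 s against 5 s locally, but halving nothing except the bandwidth (the `SLOW` link) makes migration alone take 16 s, which is the point of bounding the migratable size by the link rather than by the device.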

16.
With the rapid development of the mobile app market, understanding the determinants of mobile app success has become vital to researchers and mobile app developers. Extant research on mobile applications has primarily focused on the numerical and textual attributes of apps; little attention has been paid to how the visual attributes of apps affect users' download behavior. Among the features of app "appearance", this study focuses on the effect of the app icon on demand. Using aesthetic product and interface design theories, we analyze icons from three aspects, namely color, complexity, and symmetry, through image processing. Using a dataset collected from one of the largest Chinese Android websites, we find that icon appearance influences users' download behavior. In particular, apps whose icons feature higher colorfulness, proper complexity, and slight asymmetry attract more downloads. These findings can help developers design their apps.

17.
In-app third-party payment is convenient and practical, so many mobile applications embed third-party payment functionality, but its security has not been analysed systematically and comprehensively, leaving payment security hard to guarantee. This paper formally models the protocol flows, security assumptions and security goals of five third-party payment protocols on the Android platform and analyses them with ProVerif. The analysis shows that the protocols as implemented on Android cannot resist attacks such as order tampering, order replacement and notification forgery. Testing 210 apps that use in-app third-party payment found that nearly 13.8% could be attacked successfully. Finally, concrete recommendations for implementing third-party payment protocols are given to defend against these attacks.
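The three attack classes named in this abstract all come down to who verifies the payment result and against what. The following added example (a generic design, not any of the five analysed protocols or any platform's real API; real platforms typically use RSA signatures and their own field sets) shows a merchant server that fixes the order amount itself, verifies the platform's signed asynchronous notification with a shared-secret HMAC, and cross-checks it against its own order record and a replay cache. The key, the field set, the order numbers and the scenario are constructed; `run_scenarios()` plays the genuine callback and each attack through the same verifier.

```python
"""Server-side verification of a third-party payment notification (added example; a generic design
using a shared-secret HMAC over sorted parameters, not any particular platform's protocol).  Shows
why notification forgery, order tampering and order replacement fail when the merchant server,
not the app, is the verifier."""
import hashlib
import hmac
import time
from typing import Dict, Optional

PLATFORM_KEY = b"merchant-secret-issued-by-platform"   # constructed; real keys come from the platform console


def canonical(params: Dict[str, str]) -> bytes:
    """Signing string: sorted key=value pairs joined by '&', the signature field excluded."""
    return "&".join(f"{k}={params[k]}" for k in sorted(params) if k != "sign").encode()


def sign(params: Dict[str, str], key: bytes = PLATFORM_KEY) -> str:
    return hmac.new(key, canonical(params), hashlib.sha256).hexdigest()


def platform_notify(order_id: str, amount: str, trade_no: str, now: int, key: bytes = PLATFORM_KEY) -> Dict[str, str]:
    """What the payment platform's asynchronous callback would carry (constructed field set)."""
    params = {"order_id": order_id, "amount": amount, "trade_no": trade_no, "timestamp": str(now)}
    params["sign"] = sign(params, key)
    return params


class MerchantServer:
    def __init__(self, key: bytes = PLATFORM_KEY, freshness_s: int = 300) -> None:
        self.key = key
        self.freshness_s = freshness_s
        self.orders: Dict[str, Dict[str, str]] = {}   # order_id -> {"amount", "status"}
        self.seen_trades = set()

    def create_order(self, order_id: str, amount: str) -> None:
        """The server, not the app, fixes the amount; the app only relays the order to the platform."""
        self.orders[order_id] = {"amount": amount, "status": "created"}

    def handle_notification(self, params: Dict[str, str], now: Optional[int] = None) -> str:
        now = int(time.time()) if now is None else now
        if not hmac.compare_digest(sign(params, self.key), params.get("sign", "")):
            return "reject: bad signature"        # notification forgery, or any edited field
        order = self.orders.get(params.get("order_id", ""))
        if order is None:
            return "reject: unknown order"
        if order["amount"] != params.get("amount"):
            return "reject: amount mismatch"      # order tampering: the app sent the platform a cheaper order
        if abs(now - int(params.get("timestamp", "0"))) > self.freshness_s or params.get("trade_no") in self.seen_trades:
            return "reject: stale or replayed"
        if order["status"] == "paid":
            return "reject: already paid"
        order["status"] = "paid"
        self.seen_trades.add(params["trade_no"])
        return "ok"


def run_scenarios(now: int = 1_700_000_000) -> Dict[str, str]:
    srv = MerchantServer()
    for oid, amt in (("A1001", "99.00"), ("A1002", "250.00"), ("A1003", "250.00"), ("A1004", "1.00"), ("A1005", "500.00")):
        srv.create_order(oid, amt)
    results = {}
    results["genuine"] = srv.handle_notification(platform_notify("A1001", "99.00", "T1", now), now)
    # Notification forgery: the attacker posts a callback signed with a guessed key.
    results["forged"] = srv.handle_notification(platform_notify("A1002", "250.00", "T2", now, key=b"guess"), now)
    # Order tampering: the app rewrote the amount it sent to the platform, so the platform signed 0.01.
    results["tampered_amount"] = srv.handle_notification(platform_notify("A1003", "0.01", "T3", now), now)
    # Order replacement: a valid callback for a cheap order is re-pointed at an expensive one.
    cheap = platform_notify("A1004", "1.00", "T4", now)
    results["replaced_order"] = srv.handle_notification(dict(cheap, order_id="A1005"), now)
    results["cheap_order"] = srv.handle_notification(cheap, now)
    results["replayed"] = srv.handle_notification(cheap, now)    # the same callback delivered twice
    return results


if __name__ == "__main__":
    for case, verdict in run_scenarios().items():
        print(f"{case:16s} {verdict}")
```

The checks that matter are the cross-checks, not the signature alone: a correctly signed notification for a 0.01 order is still fraud if the merchant recorded 250.00, which is exactly the situation an app creates when it builds the payment order on the client and the server only hears about the result.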

18.
In education, and in vocational education in particular, teaching applications on mobile platforms are still absent. The development of a mobile app for the 《小型网络组建》 (Small Network Construction) quality course is at a leading level domestically and fills the gap in mobile teaching software for vocational colleges. The app is developed in Java and runs on all Android platforms from Android 2.1 upwards. This paper describes the development of the teaching software.

19.
Users rely on mobile devices for their daily Internet needs by running various mobile applications (apps) such as social networking, e-mail, news reading, and video/audio streaming. Mobile devices have become major targets for malicious apps because of their heavy network activity, and detecting such apps is a research challenge in the current era. Most of the research reported in the literature focuses on host-based systems rather than network-based ones, and so cannot detect malicious activity that a mobile device carries out over the Internet. This paper presents a detection-app model for classifying apps. We investigate the accuracy of various machine learning models in the context of known and unknown apps, benign and malicious apps, apps with and without encrypted messaging, and independence of the classification from the operating system version. The best-performing machine learning (ML) model is embedded into the detection app for efficient and effective detection. We collect a dataset of the network activity of apps from 18 different malware families and of 14 genuine apps and use it to develop ML-based detectors. We show that it is possible to detect malicious apps from network traces with traditional ML techniques; the results reveal an accuracy of 95 to 99.9% in detecting apps across the different scenarios. The proposed model proves efficient and suitable for mobile devices. Because of the widespread market penetration of Android, it has become the main target for attackers, so the proposed system is deployed on Android.

20.
The sheer number of available apps allows users to customize smartphones to match their personality and interests. In one of the first large-scale studies of its kind, the impact of personality traits on mobile app adoption was examined through an empirical study involving 2043 Android users. A mobile app was developed to assess each smartphone user's personality traits with a state-of-the-art Big Five questionnaire and to collect information about her installed apps. The contributions of this work are two-fold. First, it confirms that personality traits have a significant impact on the adoption of different types of mobile apps. Second, a machine-learning model is developed to automatically determine a user's personality from her installed apps. The predictive model is implemented in a prototype app and shows 65% higher precision than a random guess. Additionally, the model can be deployed in a non-intrusive, low-privacy-concern, and highly scalable manner as part of any mobile app.


Copyright © Beijing Qinyun Technology Development Co., Ltd. (北京勤云科技发展有限公司)  京ICP备09084417号