
On The Issues Of Enhancing The Security Of Android Applications And Privacy Protection

Posted on: 2020-03-18
Degree: Doctor
Type: Dissertation
Country: China
Candidate: J L Shu
GTID: 1368330623463946
Subject: Computer Science and Technology

Abstract/Summary:
The popularity of smart mobile computing platforms such as Android devices has changed the way people process information. Developers have built myriad attractive and innovative applications that add convenience and fun to people's lives. Users also store a considerable amount of sensitive data from services such as the camera, telephony and GPS on the device. Once such information is leaked, the users' privacy and property are put at risk. In response, security researchers and engineers have proposed a wide variety of privacy protection techniques and tools.

Since its inception in 2008, Android has become the leading mobile operating system, and its security has been a thriving subject of research in the past few years. Because of its openness, Android is more vulnerable than other mobile operating systems. According to the statistics of Common Vulnerabilities and Exposures (CVE), the number of vulnerabilities found in Android is 1.5 times that found in iOS. Its openness helped Android develop and spread quickly around the world, but it also brings a great challenge to its security. Previous studies have shown that Android has many security flaws related to application management, permission management, access control policy and privacy protection. These flaws may bring risks to users' property and personal security. To improve the overall security of Android, many researchers have proposed different security reinforcement techniques. Some of these techniques have been merged into the Android Open Source Project as official features of Android. But there are still many unsolved security problems in Android that are worth studying.

In this thesis, we focus on protecting Android applications and the private data stored on Android devices. This thesis makes the following contributions:

1. We propose SMOG, a comprehensive executable code obfuscation system to protect Android apps. Android applications are mainly programmed in Java, which makes them easy to analyze. SMOG obfuscates the compiled Dalvik bytecode based on instruction set permutation: each Dalvik bytecode of the protected application is randomly permuted into a different one. The obfuscated app generated by SMOG can resist static and dynamic reverse engineering. The execution environment is set up by integrating the received execution token, which gives the Android Dalvik VM the capability to execute the obfuscated app. Moreover, the benchmark result shows SMOG only costs about 5% more performance in dispatching the incoming bytecode to the proper interpreter.

2. We conduct an in-depth study of the security of massively multiplayer online games (MMO games) on Android. The MMO game is a special Android application with a different code architecture. Traditional application reinforcement techniques can be adopted directly. We study the ecosystem of Android MMO games and present our threat model. We discover many different kinds of attacks that can lead to the loss of the developer's income. We also provide some protection techniques to improve the security of resources (code, video, audio, image, memory data and so on) in this kind of application.

3. We study the security of different data deletion operations in Android. We choose three typical data deletion scenarios for mobile devices in daily life: data clearing, application uninstallation and factory reset. Our experiments reveal that all these data deletion operations lead to data remanence issues. Most of the residual data is kept on the disk for more than two months. We also design and implement an advanced data remanence evaluation framework based on the file carving technique. The implemented Data Raider is able to extract private data from a raw disk image without any file system information, and the recovery rate is considerably high on the four test Android phones.

4. We make a systematic study of the execution footprints of Android applications. We find that, besides well-known sensitive information such as files and memory data, IPCs and some side-channel information can also be used to infer the execution and behavior of a certain application. We present a privacy enhancement system, Mist, to expunge the execution footprints of Android apps. Mist adopts comprehensive footprint detection and expunging policies, and works with real-world Android devices. We evaluate Mist with popular Android apps and demonstrate that Mist can eliminate most execution footprints compared with the regular Android OS.
Keywords/Search Tags:system security, mobile device, application protection, privacy