
Research On Permission Detection And Vulnerability Analysis For Android Applications

Posted on: 2021-01-16
Degree: Doctor
Type: Dissertation
Country: China
Candidate: J W Tang
Full Text: PDF
GTID: 1488306107955439
Subject: Computer application technology

Abstract/Summary:
The Android operating system holds the majority of the smart-terminal market, and Android-based smart devices have become the mainstream. Mobile smart terminals carry a great deal of users' private information, and the Android application security mechanism has known limitations, so Android applications can pose serious security risks. It is therefore necessary to study the Android application security mechanism in depth, especially the permission mechanism, and to analyze the permission-related risks of Android applications. At the same time, the security vulnerabilities of Android applications deserve attention and study, in order to help build a more secure Android application ecosystem.

Android applications do not always follow the principle of least privilege; many request more sensitive permissions than they need, which can lead to user privacy leakage and other security risks. To address permission over-claim in Android applications, a method combining static analysis and semantic analysis is proposed. Static analysis of the target application's source code determines whether it exhibits explicit permission over-claim and advertisement-library permission over-claim. A semantic analysis method based on semantic-similarity calculation then infers the functional categories of the target application, determines whether the sensitive permissions of interest belong to those categories, and thereby detects implicit permission over-claim. Static analysis was successfully performed on 10,710 applications. The results show that 76.08% of the applications exhibit explicit permission over-claim and 424 exhibit advertisement-library permission over-claim. The semantic analysis effectively detects implicit permission over-claim that existing methods cannot.

Android applications may also contain security vulnerabilities with serious consequences. A hybrid method combining static and dynamic analysis is proposed to detect nine important and common Android application vulnerabilities. Building on a formal description of Android application vulnerability patterns, a static analysis based on metadata analysis and data-flow analysis quickly and effectively determines whether the target application contains certain vulnerability types. A dynamic analysis based on dynamically executable scripts and function monitoring drives the target application along a customized execution path, confirms whether the corresponding vulnerability actually exists, and can also analyze vulnerabilities that are hard to detect statically, which broadens the range of detectable vulnerabilities. Experimental results show that the accuracy of the static analysis reaches 95%, and that the dynamic analysis successfully detects vulnerabilities and confirms their existence. Compared with existing methods, the proposed hybrid method effectively detects more types of vulnerabilities.

Fast applications are a recent form of Android application that requires no installation, and they can also handle sensitive user and device information. For the first time, the object of security analysis is extended from ordinary Android applications to fast applications. To address privacy leakage in fast applications, an overall structure analysis method based on metadata analysis and database analysis is proposed; to address permission abuse in fast applications, a static analysis method based on abstract-syntax-tree traversal and sensitive-function rule matching is proposed. Experiments on collected and constructed real-world fast application data sets show serious privacy leaks in the fast application database, and that 15.28% of fast applications exhibit permission abuse, confirming the effectiveness of both proposed analysis methods.

The methods proposed in this study effectively analyze the permission risks and security vulnerabilities of both ordinary Android applications and fast applications, and have practical value and application prospects for improving Android application security.
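The following Python sketch is an added illustration, not code from the dissertation, of the two static over-claim checks in the sense commonly used in this area: a permission is explicitly over-claimed when it is declared in AndroidManifest.xml but no protected API call in the decompiled code requires it, and advertisement-library over-claimed when the only code that requires it lives in a bundled advertising SDK. It assumes the application has been decompiled to smali (the dissertation speaks of source-code analysis; the approach is the same). The API-to-permission mapping, the ad-library package prefixes and the manifest/smali inputs are all constructed for the example; a real analysis needs a complete mapping such as PScout's for the target API level.

```python
"""Explicit and advertisement-library permission over-claim check.

Added example: declared permissions from AndroidManifest.xml are compared with
the permissions that protected API calls in the decompiled (smali) code can
actually need. Declared-but-never-needed permissions are explicit over-claim;
permissions needed only inside ad-library packages are ad-library over-claim.
"""
import re
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Illustrative subset of an API-to-permission mapping (PScout/Axplorer style).
# Constructed for this example; real analysis needs the full mapping for the
# target API level, including content-provider URI rules.
API_PERMISSION_MAP = {
    "android/location/LocationManager->getLastKnownLocation": {"android.permission.ACCESS_FINE_LOCATION"},
    "android/telephony/TelephonyManager->getDeviceId": {"android.permission.READ_PHONE_STATE"},
    "android/hardware/Camera->open": {"android.permission.CAMERA"},
    "android/net/wifi/WifiManager->getConnectionInfo": {"android.permission.ACCESS_WIFI_STATE"},
}

# Package prefixes treated as advertisement libraries (illustrative list).
AD_LIBRARY_PREFIXES = ("com/google/android/gms/ads/", "com/mopub/")

# One smali invoke instruction, e.g.
# invoke-virtual {v0, v1}, Landroid/location/LocationManager;->getLastKnownLocation(Ljava/lang/String;)Landroid/location/Location;
INVOKE_RE = re.compile(r"invoke-\w+(?:/range)? \{[^}]*\}, L([\w/$]+);->([\w<>$]+)\(")


def declared_permissions(manifest_xml):
    """Permissions requested via <uses-permission android:name=...>."""
    root = ET.fromstring(manifest_xml)
    names = (el.get(ANDROID_NS + "name") for el in root.iter("uses-permission"))
    return {name for name in names if name}


def required_permissions(smali_text):
    """Permissions implied by the protected API calls in one smali class."""
    needed = set()
    for cls, method in INVOKE_RE.findall(smali_text):
        needed |= API_PERMISSION_MAP.get(f"{cls}->{method}", set())
    return needed


def analyze_overclaim(manifest_xml, smali_files, ad_prefixes=AD_LIBRARY_PREFIXES):
    """smali_files maps a class path ('com/example/app/Main.smali') to its text."""
    declared = declared_permissions(manifest_xml)
    used_by_app, used_by_ads = set(), set()
    for path, text in smali_files.items():
        perms = required_permissions(text)
        if path.startswith(ad_prefixes):
            used_by_ads |= perms
        else:
            used_by_app |= perms
    return {
        # Declared but not needed by any code we can see: explicit over-claim.
        "explicit_overclaim": declared - used_by_app - used_by_ads,
        # Declared but needed only by bundled ad code: ad-library over-claim.
        "ad_library_overclaim": (declared & used_by_ads) - used_by_app,
        "used_by_app": used_by_app,
        "used_by_ads": used_by_ads,
    }


# Constructed sample inputs: a manifest requesting five permissions and two
# decompiled classes, one from the app itself and one from an ad SDK package.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.app">
    <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
    <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
    <uses-permission android:name="android.permission.CAMERA"/>
    <uses-permission android:name="android.permission.READ_CONTACTS"/>
    <uses-permission android:name="android.permission.ACCESS_WIFI_STATE"/>
    <application android:label="Demo"/>
</manifest>"""

SAMPLE_SMALI = {
    "com/example/app/MainActivity.smali": """.class public Lcom/example/app/MainActivity;
.method private locate()V
    invoke-virtual {v0, v1}, Landroid/location/LocationManager;->getLastKnownLocation(Ljava/lang/String;)Landroid/location/Location;
    invoke-virtual {v2}, Landroid/telephony/TelephonyManager;->getDeviceId()Ljava/lang/String;
    return-void
.end method""",
    "com/google/android/gms/ads/internal/AdTracker.smali": """.class public Lcom/google/android/gms/ads/internal/AdTracker;
.method public track()V
    invoke-virtual {v0}, Landroid/net/wifi/WifiManager;->getConnectionInfo()Landroid/net/wifi/WifiInfo;
    return-void
.end method""",
}

if __name__ == "__main__":
    for kind, perms in analyze_overclaim(SAMPLE_MANIFEST, SAMPLE_SMALI).items():
        print(f"{kind}: {sorted(perms)}")
```

On the constructed input, CAMERA and READ_CONTACTS are reported as explicit over-claim and ACCESS_WIFI_STATE as advertisement-library over-claim. A purely static pass of this kind over-reports when code reaches protected APIs through reflection or dynamically loaded classes, and under-reports when the mapping lacks content-provider URI rules; those gaps are one reason static results are confirmed at run time in the hybrid approach described above.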
Keywords/Search Tags: Android application, fast application, permission mechanism, security vulnerabilities, static analysis, semantic analysis, dynamic analysis, privacy leakage detection