Research And Implementation Of Key Techniques Of Application Security Evaluation Based On IOS Platform

With the rapid popularity of smart phone globally, especially with the operating system of iOS and Android, smart phone has involved with every part of our daily life gradually. During this process, smart phone has widely access to more and more sensitive information about our privacy inevitably. This indirectly leads to the bloom of malwares and dangerous applications on the iOS platform, with the great thread to user’s personal safety and data security. Though Apple has introduced a vetting process, preventing malware from App Store, there are security incidents happened such as iPhone upload user’s location information stealthily. That reflects the drawback of Apple’s incompletely documented vetting process. On the study of iOS platform security, the achievement of current study focus on the mechanism of iOS system security, the protection solution of iOS apps privacy leaking and iOS forensics, etc.Based on the deep analysis of the security mechanism of iOS operating system and the iOS platform apps, from the view of the detection of iOS user’s privacy leakage, a methodology was introduced to perform the security analysis of apps targeting iOS platform, after a complete study of iOS apps security evaluation techniques. Along with the new method, is a system that we designed and implemented which can perform previous security analysis procedure of iOS apps, making the detection of iOS malicious action easily and effectively.The primary work of our research is as follows:Introduction of the current development situation of mobile internet both in general and in security aspect. By the description of current security situation of iOS apps, we introduced the basic information about the security analysis technique targeting iOS apps.After the deep analysis of the security mechanism of iOS operating system and specific technique about security analysis, we introduced the basic clue to perform security analysis of iOS apps, as the foundation of the analysis process below. The introduction of an approach to perform security analysis of iOS apps, along with the validation instance. After the validation process, we provided the architecture of security analysis system targeting iOS apps, with all of its module. At last, an test instance of this system targeting test application is performed to prove the availability of this evaluation system.