| With the development of Android system for mobile equipment, security problem of Android is becoming a big topic. As a tool for people using every day in communication, mobile equipment always save most of the security sensitive information of user.This article presents an Android code analysis tool to protect the code written by developers from being used by any other malicious application.In Android system, components which are basic unit can be interfaces for other applications using, so that Android application source code has a good reusability. But there are also security problems, component as a unit in communication need to be well protected, especially some of them which contains security sensitive information of user. If any malicious application gets this kind of information, it will take a great loss to user. For instance, components which are not protected by strong permissions can become a tool of malicious applications and incautious intents from components can leak information of user by intercepted by malicious applications. At first, this article analyzed this kind of situations and raised solutions for each problem. Then it designed a process to check if there are some problems in Android code and implemented the process as a program, and the program has integrated some open source tools in decompiling of Android code and can raise warning for the code problems. The warnings are mainly about component security and communication security. By using this program, developer can check their code in communication safety between components, so that user can use it to check applications which are not trusted.At last, this article has chosen some of the applications from the Android Market to test the check program, and then the result for running this program proved that it could be a tool for developer to make their applications safer. |
PDF Full Text Request