| For the past few years, with the universalness of the smart mobile terminal, the market of mobile application has become loads of developers’ideal platform to advertise and sell. As for this market, due to the advantage of open source and the freedom, Android occupies the majority of this market, therefore, the total amount of applications which aim at the Android’s development and design shows a trend of geometric growth. Nevertheless, due to the freedom of the Android, the mobile market of Android can not get a consolidated supervision which results in loads of opportunities for lawless individuals so that a great many of rogue programs flow into the market. Meanwhile, because of the powerful application functions of the mobile phone, many users’ privacy data which included records of both short messages and contact, and even personal photos was stored in the mobile terminals. These rogue programs could grasp these users’ privacy information so that causes the leakage of users’ information and this could make users suffer the loss from both aspects of spirit and economy. Although Android provide some security regimes such as the authority management, the shortages of these regimes let the systems could not protect the users’privacy information completely.The research investigates and analysis the source code of Android. During the procedure of investigation, it is found that the transmittal of the data mainly concentrate on the exits of internet short messages and blue tooth. According to this feature of the system, the research amends the source code of exits of Android and construct the monitoring and control module which is called "Monitor" so that achieves the monitoring system of privacy leakage which is called "ShielDroid". The system utilizes the ways of dynamic monitoring about the track of black box which bases on regulation of tag. This way could monitor the privacy data from the exits and successfully avoids the drawback of over-consume of system resources due to the track of white box. In order to perfect the system, the research constructs the tactic of safe guard for protecting the users’privacy data when the rogue programs are installed in the users’terminals. When these is a activity of leakage, the module would reminds the user take relative measures in time and the module would utilized the means of obstructing, recording correspondingly according to the different degree of the leakage.In order to achieve the large-scale test of application, the research achieves the automatic platform of examination as well which makes the application finally achieves the automatic flow of set up, launch, trigger and uninstall. With the help of the system of ShielDroid and automatic test platform, the auditor could supervise the application online dynamically, the auditors could eliminate the malicious applications with rogue leakage activities to users’ privacy information so that to make a contribution to purification of markets of Android’s application. In addition, through the large-scale test of both automatic test platform and the TaintDroid, it proves that ShielDroid system nearly equals to TaintDroid in the aspects of case detection ratio but it has the advantage of low consume of system resources so that the new system’s feasibility and superiority in the research is proved. Obviously, the ShieldDroid still, could be improved in many aspects, it is believed that in the further research, the system’s superiority could be improved so that a more mature and perfect system of privacy leakage detection could be developed. |
PDF Full Text Request