| With the rapid popularization of mobile intelligent terminal, many people are related to all kinds of apps and enjoying the convenience from online-services. However personal sensitive information is exposed to apps at the same time. There is no doubt that Android system occupies the largest part in intelligent terminal market.Larger number of malicious actions are detected. As the developing of application security analysis, many static and dynamic methods put into practice. Since Android is open-source, new kind malicious actions upgrade with complexity, agility. Attack with connecting apps is exploited and improved. Faced with attack from related apps, how to detect and analyze these actions effectively is an essential issue.Up to now, research on confused deputy attacks and Collusion attacks focus on security risk of components. But only realize component’s permission leak could not locate deep malicious action.No simple evaluating system can directly display the ability to affect other applications. Through further study of extracting connecting actions, evaluating the influence of an application and analyzing risk of these actions, this paper design and implement the security detection system on Android intelligent terminal, which mainly points out the safe risk of related actions among connecting applications other than component risk. This system includes pre-processing module, application connecting action analysis module and action security detection module. Pre-processing module extracts all APK files from terminals and decompile them to get smali files. Application connecting action analysis module finds actions related with inter-application communication and evaluates these applications’ impacts.Connecting action security detection module determines inter-application related action have any risk of privilege mission leakage or component hijacking. The three achievements of this paper are as follows:Firstly, in order to recover full path from source component in source app to destination component in destination app, we put forward inter-application connecting action extraction method from smali files according to control flow and data flow.Secondly, import PageRank algorithm into connecting application relationship so that we can have quick and direct cognition about the impact of applications.Thirdly, so as to analyze security risk of inter-application connecting actions, we need to compare permission declaration and inter-application intent information.And results show that this system can detect security on Android intelligent terminal efficiently in the view of inter-application connecting actions. It will regard all apps from terminal as a complete entirety, and extract related connecting actions. More apps on the phone, the more actions will be found. Compared to the static detection and dynamic detection method, this system adds more security analysis about the interactions among different applications. |
PDF Full Text Request