| Android is the mobile operating system with the highest usage rate in the current mobile Internet era.Its rich application and interaction have brought great changes to people's lives.However,its large number of App also brought a lot of data security problems,especially in the era of data explosion,the protection of the user's privacy data is particularly important.Google has been working hard to improve the safety of Android,but due to the fragmentation of the system,resulting in the user's system updates often have a great lag,coupled with the user's own data security awareness of the weak,and the lack of systematic and effective guidance(For example,sensitive permissions are not specific enough),so there is still a serious privacy data security issue on the Android platform.According to the problem of privacy disclosure on the Android platform,a risk assessment model for the life cycle of Android data is proposed in this research.Combined with a number of working scenarios,the risk analysis of the data is quantitatively analyzed.Based on the analysis results,this paper proposes an application-level privacy data security container,PPE-Droid,which aims to establish a secure execution environment for users to protect privacy and to solve the existing limitations of the existing solutions.In addition,we implemented dynamic control-flow generation techniques for specific functions in this container to track user privacy propagation paths in real time and provide a flexible and granular security policy for data protection.Experiments show that this scheme can effectively limit the problem of privacy data leakage. |
PDF Full Text Request