Research On Interaction Security Of Android Application Based On Information Flow

With the development of the mobile Internet,the smart mobile terminal led by the Android mobile phone platform has developed rapidly and has promoted the prosperity of the mobile application software market.However,due to the open source of the Android system,there are many malicious software disguised as ordinary software for data exchange with other programs,stealing user account information and other sensitive information.Malicious programs leak sensitive information from users,causing direct or indirect economic losses to users and affecting people's lives.Against this background,this thesis analyzes the Android system architecture and security mechanism in-depth,and summarizes the security threats existing in Android.In view of the fact that the traditional information encryption mechanism does not cover the information data leakage completely and the encryption algorithm has the risk of being cracked,a security interaction system based on information flow is proposed in this thesis to improve the security of the system.For the mobile payment application scenario of the user,the system extracts the application flow data,and then analyzes to determine whether there is a malicious program to steal user information.Finally,the name of the program that threatens the user's information security is displayed on the payment page.This thesis introduces the information flow model based on the execution flow of Android system.It studies the Linux kernel hijacking technology and module loading technology,and extracts and stores application interaction flow data from the kernel layer.A flow matching process is designed for application-level specific data of sensitive data and malicious programs,and the multi-pattern matching algorithm is applied to match massive information flow and sensitive information.The test shows that the system has achieved the design goal and can more effectively identify malicious programs.Compared with the static analysis method,the false negative rate is lower.Compared with other dynamic analysis methods,it is more flexible and practical.The overhead at the kernel level basically has no impact on user operations,but the overhead at the application level is relatively large and there is room for optimization.