Design And Implementation Of Vulnerability Scanning System For Android Application

Posted on: 2019-12-15
Degree: Master
Type: Thesis
Country: China
Candidate: T T Lv
GTID: 2428330566497292
Subject: Software engineering
Abstract/Summary:
With the rapid development of the mobile Internet, the Android phone has become the leading mobile terminal device in the world because of its high performance-price ratio. At the same time, security incidents in which users' sensitive information is leaked and trafficked occur frequently. Although the major mobile phone manufacturers have set safety standards and restrictions for the Android application market, these cannot eliminate the security vulnerabilities of Android phone applications. Combining Android application static detection technology with vulnerability scanning technology, this paper designs and implements an Android application vulnerability scanning system. The main contents of this paper are as follows:

Parsing of the Apk package file. The Apk installation package is a collection of the resource files and code files necessary for installing an Android application, of which AndroidManifest.xml and classes.dex are the key files. The system parses the file content from bytecode according to these two file formats.

Design and implementation of the filter engine, the string search engine and the static DVM engine. The string search engine is designed to search strings quickly and accurately based on the classes.dex file. The filter engine is used to filter out common class libraries such as coom.parase, so as to improve scanning efficiency. The static DVM engine is used to simulate the instruction execution of the Android application runtime environment and to analyze the actions of the instructions.

Design and implementation of 7 vulnerability checks. Based on the shortcomings in the design and implementation of the four major Android components, the existing security problems are divided into network transmission information leakage, permission mismanagement and component exposure, and 7 vulnerabilities are distinguished: the global readable/writable vulnerability, the Content Provider file directory traversal vulnerability, the WebView file access and exposed component vulnerability, the SSL vulnerability, the implicit broadcast vulnerability, the dynamically registered unprotected broadcast receiver vulnerability and the allow-debugging vulnerability. For each vulnerability, the vulnerability principle, the vulnerability location and the vulnerable code are analyzed.

Design and implementation of the Apk secondary packaging (repackaging) inspection. Attackers decompile an Apk, add malicious code and package it a second time. For this case, the system checks 4 kinds of information that are necessarily involved when an attacker decompiles the application: Isdebug information, Base64-encoded strings, SSL probe detection and signature information.

Design and implementation of batch vulnerability scanning. To address the shortcoming that current vulnerability scanning systems scan only a single Apk, the system integrates the above modules to scan multiple Apks in a single run.

Finally, this paper integrates the above research modules into an Android application vulnerability scanning system that supports both single-application scanning and multiple-Apk scanning, and produces a report of the scanning results.
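An added example, not code from the thesis: a minimal static check for two of the listed classes, the allow-debugging flag and exposed components, run over a manifest that is assumed to be already decoded from the Apk's binary XML into text. The sample manifest, the package name and the finding labels are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
COMPONENT_TAGS = ("activity", "service", "receiver", "provider")

# Constructed sample: a manifest already decoded from binary XML to text.
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.demo">
  <application android:debuggable="true">
    <activity android:name=".MainActivity">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
      </intent-filter>
    </activity>
    <service android:name=".SyncService" android:exported="true"/>
    <receiver android:name=".BootReceiver" android:exported="true"
              android:permission="com.example.demo.PRIVATE"/>
    <provider android:name=".FileProvider" android:exported="false"/>
  </application>
</manifest>"""

def attr(elem, name):
    """Read an android:-namespaced attribute, or None if absent."""
    return elem.get(ANDROID_NS + name)

def scan_manifest(xml_text):
    """Return a list of (finding, component_name) tuples."""
    findings = []
    app = ET.fromstring(xml_text).find("application")
    if app is None:
        return findings
    if attr(app, "debuggable") == "true":
        findings.append(("debuggable", "application"))
    for tag in COMPONENT_TAGS:
        for comp in app.findall(tag):
            exported = attr(comp, "exported")
            # With no explicit value, an intent-filter made a component
            # exported by default on platforms before Android 12.
            if exported is None:
                has_filter = comp.find("intent-filter") is not None
                exported = "true" if has_filter else "false"
            # Exported with no permission guard: any app can reach it.
            if exported == "true" and attr(comp, "permission") is None:
                findings.append(("exported-unprotected", attr(comp, "name")))
    return findings

if __name__ == "__main__":
    for finding in scan_manifest(SAMPLE_MANIFEST):
        print(finding)
```

The launcher activity is reported because it is reachable by other apps by design; a reviewer triages such entries rather than treating every exported component as a defect.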
Keywords/Search Tags: Android application, vulnerability scanning, static scan, file parsing