Research On Privacy Leak Detection And Protection Technology For Android

Posted on:2019-09-25

Degree:Master

Type:Thesis

Country:China

Candidate:L Jiang

Full Text:PDF

GTID:2428330596950388

Subject:Software engineering

Abstract/Summary:

PDF Full Text Request

Because of its openness,Android has become the most popular operating system with the largest market occupancy rate.Its good performance and rich functions make it the mainstream mobile operating system while providing users with great convenience.However,due to the lax management of the third-party App Store,many APPs with uneven quality lead to a large number of privacy leakages.Therefore,it is of great importance to study the technology of privacy leak detection and protection for Android.In this paper,we do the research on privacy leak detection and protection technology for Android.The main contents are as follows:(1)In order to detect privacy leak,and to deeply explore the reason of privacy leak and the information of usage scenario of permission,this paper extends the definition of privacy leak and introduces the elements of encryption and storage.We design a context information model which combines the static taint analysis with the Call Graph of an APP to restore the call scene of the privacy-related APIs.The experimental results show that the proposed model can effectively trace the context of privacy and detect the security problems of encryption and storage of User-Input Privacy data at the same time.(2)In order to solve the problem of incompatibility brought by the Android fragmentation and to avoid the reinforced APPs againsting static analysis,we propose a privacy protection mechanism based on the dynamic behavior senses.It can reflect the real triggering scene of the privacy data by collecting the dynamic execution information and context information of the APP.Then we design the APP behavioral matching algorithm and let the API calls which have the risk of privacy disclosure be decided by the user to perceive the APP behaviors.The experimental results show that the proposed protection mechanism can intercept API calls dynamically,control the access to privacy files,and easily be deployed in multiple Android versions.Based on the research above,we design and implement each module,and preliminarily complete the prototype system in the end.The experimental results show that using the detection method designed in this paper can effectively solve the problem of privacy leak detection.At the same time,the proposed privacy protection scheme can protect privacy data under user perception.

Keywords/Search Tags:

Android, encryption, privacy protection, HOOK, combination of static and dynamic analysis

PDF Full Text Request

Related items

1	Research On Privacy Protection Method Based On Android Authority Mechanism
2	Research On Privacy Leakage Analysis And Data Protection Technology Of Android Application
3	Research And Implementation Of Secure Container For Android Privacy Data Protection
4	Research On Android Software Detection Method Based On User Privacy Protection Perspective
5	A Novel Privacy Protection Approach Based On Android Application's Runtime Behavior Monitor And Control
6	Design And Implementation Of Android Vulnerability Analysis System Based On Static And Dynamic Combination
7	Android Privacy Protection Technique Based On Application Behavior Detection
8	Research On Privacy Disclosure Detection Technology For Android Applications
9	Design And Implementation Of Android Application Based On Privacy Protection
10	Based On The Taint Analysis Of Android Privacy Leak Detection System Design And Implementation