| With the widespread use of Android mobile devices.But then there's the problem of the hidden security vulnerabilities of Android apps,So the research of vulnerability analysis for Android applications is important.The taint analysis can be divided into three types: dynamic,static and mixed.The advantage of static analysis is that the code coverage is high and the rate of missing report is low,but because there is no actual running program,the context information of the running time of the program cannot be obtained,which leads to the false alarm rate being too high.The disadvantages of dynamic analysis is that the coverage of analysis code is low,and the rate of missing report is high.In order to improve the accuracy of static taint analysis results and reduce false alarms,a method to verify the correctness of the static analysis results are needed.This paper proposes a test case generation method based on inverse conditional constraint solving for generation inputs for potential taint propagation paths.First execute the path information(seed Trace)based on the program that the pile gets to cover Source to Sink.Then collecting the if conditional judgment statement in Trace,designing the related conditional expression normalization rule,combining the thumbnail extraction and semantic transformation,the relevant test cases can be obtained by Z3.Then use the new test case to execute the Android APP to get other Traces,and finally analyze all Traces to determine whether it is a false alarm,thus effectively reducing false alarms and improving positive. |
PDF Full Text Request