Design And Implementation Of Android Application Information Leakage Detection Platform Based On Data Flow

With the development of mobile Internet,more and more people benefit from the convenience of mobile applications.Android system has the largest market share,but because of its open source features and the ability of developers,there are many applications with different quality.Not only malicious applications will steal people's privacy data,but also benign applications will have the problem of information leakage.The existing static detection tool FlowDroid is used by the majority of researchers because of its accurate analysis,but it has the problem of high memory consumption in data flow analysis.To solve the above problem,this thesis proposes a data flow analysis scheme based on third-party library identification,designs and implements an Android application information leakage detection platform based on data flow.The main work of this thesis is as follows.1.In view of the problem that FlowDroid occupies too much memory when analyzing Android application data flow,this thesis proposes a data flow analysis scheme based on third-party library identification from the perspective of code analysis and application examples.The algorithm improves the algorithm of calling the graph in FlowDroid code,and improves the algorithm to generate the call graph deleted from useless edges for data flow analysis.After 500 applications are tested,the results show that this method can achieve 80%of the original CG creation time and memory usage,and only 80%of the original memory usage in data flow analysis with more than 95%accuracy,which is better than FlowDroid.2.Based on the requirement of detecting application information leakage,an Android application information leakage detection platform is designed.The system is divided into client and server.The client is Android application,including application discovery module,data processing module and user module,which provides a platform for people to upload applications and display information.The server adopts the architecture of microservice,including basic support and business module.The basic support is to coordinate the storage,sequential execution,start and stop of business services,while the business module is The core function modules include static detection,dynamic detection,resource file analysis and shelling.3.Based on the design,the Android application information leakage detection platform is implemented.What the platform finally shows to people is APK application.People can submit APK to detect whether there is information leakage in the application.The main technologies used are shelling,static detection and dynamic detection,there are also some supporting middleware,such as Redis,ZooKeeper and Genymotion emulator.Finally,100 simulation requests are submitted to the server at the same time,and the requests can be executed orderly.When some nodes are cancelled,the system can also execute normally,which shows that the system has the advantages of high availability and high concurrency.