Research On Android Application Sensitive Data Access Control Based On Security Wrapper

The Android system is currently the mobile operating system with the highest market share,and the research work on the security protection mechanism of its user privacy has also been a hot spot.To protect user privacy,the Android system uses a display-defined and user-authorized permission control mechanism.However,this permission control mechanism has the following problems:(1)The Android system has a small control over the system API.The Android system grades the permissions required to call the system API,and only controls the permissions which are above the dangerous level,therefore the scope of control is not comprehensive.(2)The Android system has a coarse granularity of system API control.The existing permission control mechanism does not consider the different conditions under which users allow applications to call system APIs in different scenarios.(3)The Android system has limitations on the control methods of the system API.For the purpose of realizing user portrait analysis,some applications ask users for API permissions that have nothing to do with their basic functions.When the user refuses to provide these irrelevant permissions,the permission control mechanism of the Android system will interrupt the operation of the application.In response to the above problems,this article proposes a security framework based on Security Wrapped to replace the existing Android permission control mechanism.The framework builds a lightweight virtual environment at the application layer to encapsulate the access interface of the system layer,thereby intercepting the access of the application to the system API.The framework introduces an access control model based on user attributes to realize the dynamic control of application.The framework uses the preference learning algorithm to learn user behavior attributes to generate access policies by obtaining the context attributes at the time of the request,and realizes fine-grained dynamic permission control for applications At the same time,in view of the unstable operation of the existing application when the system cannot obtain the sensitive permission,a new control strategy is introduced in the access control model based on user attributes,that is,the user's private data is desensitized and submitted to the application.Aiming at the problem of poor availability of existing desensitized data generation methods,a new type of user desensitization data generation algorithm based on the confrontation generation network is proposed.This algorithm uses the confrontation generation network to transfer the features of the original data to the desensitized data which can ensure the privacy of user data while satisfying the application's reasonable user profile analysis needs.Further to the problem that the confrontation generation network model may be subject to member inference attacks,the security improvement of the above algorithm is proposed.Differential privacy noise is added to the gradient encoding during the gradient backpropagation process,thereby ensuring the privacy of the user's data.The main work and innovations of this paper are as follows:In order to solve the problem that some applications of the Android system adopt crossborder access to user privacy data in order to analysis users' feature,and they cannot run stably if users reject their requests.This paper proposes and implements an Android security framework based on security wrapped protection.By building a lightweight virtual environment at the application layer,the framework can intercept Android application system API access and implement non-intrusive dynamic permission control of the system.The framework adopts an access control model based on user attributes,including three parts:attribute-based policy management,policy decision-making and policy execution.In terms of strategy management,the XACML language is used to manage policy files;in terms of policy decision-making,user behavior is continuously learned through preference learning algorithms to generate current execution strategies;in terms of policy execution,new control strategies are implemented: if the application tries to access users' sensitive data,framework will intercept its access and return desensitized user privacy data to ensure the normal operation of the application.In order to solve the problem that the existing desensitized data generation method causes the user profile analysis function to be unavailable,this paper proposes a user privacy desensitized data generation algorithm based on the generation of confrontation networks,which improves the availability of data while ensuring data privacy.The algorithm is based on a generative confrontation network,using a variational autoencoder to extract user data features and transfer the features to desensitized data;at the same time,it uses a multi-head attention mechanism to strengthen the extraction of the main features of user data;in order to ensure that the availability of desensitized data.To ensure the availability of the desensitized data,its discriminator uses the application's neural model to adjust the generator's output.Due to the random characteristics and approximate process in the learning process of the differential autoencoder,the desensitized data is independent of the user's original data,thereby protecting the user's private data.The desensitization data has the characteristics of the original data due to the guidance of the discriminator,and the result of user profile analysis based on the desensitization data is approximately the same as the original data analysis result.Therefore,user privacy can be protected without affecting the analysis of the portrait.In order to solve the problem that users are vulnerable to member inference attacks to obtain user information in the process of user privacy desensitization data,this paper uses an improved algorithm for user privacy desensitization data based on Ruili differential privacy.The algorithm encodes the gradient and provides differential privacy noise in the process of gradient backpropagation,and uses the differential privacy post-processing feature to denoise the encoded gradient to improve the utility of the model.The algorithm can obtain a fixeddimensional privatization gradient by encoding the gradient,and use the Rayleigh distance between the privatization gradients to calculate the privacy budget under any noise distribution.Therefore,it is possible to find an optimal noise distribution that makes the model most effective under a fixed privacy budget.At the same time,the dimensionality reduction of the gradient in the encoding process can simplify the calculation and save the memory overhead.Adding differential privacy noise to the gradient can minimize the impact of the original user data in the training set on model training,making it difficult for an attacker to recover a single original user data through the model,thereby resisting member inference attacks.