基于通信顺序进程的Android程序复杂信息流分析方法

doi:10.11959/j.issn.2096-109x.2021086

Abstract

Abstract:

Android privacy leak problem is becoming more and more serious.Information flow analysis is a main method to find privacy leak.Traditional information flow analysis methods mainly focus on single accessibility analysis, which is difficult to analyze complex information flow.An information flow analysis method based on communication sequence process was proposed.The formal model of application behavior was established, which can fully describe the information flow of program.The process trace equivalence analysis method could automatically verify complex information flow problems such as information flow association and information flow constraints.This method could detect whether the application program leaks sensitive information.Experimental results show that the accuracy of the proposed method can reach 90.99%.

Key words: Android, information flow analysis, privacy protection, formal analysis, communicating sequential process

CLC Number:

TP309

Zhanhui YUAN, Zhi YANG, Hongqi ZHANG, Shuyuan JIN, Xuehui DU. Android complex information flow analysis method based on communicating sequential process[J]. Chinese Journal of Network and Information Security, 2021, 7(5): 156-168.

Figures/Tables 16

References 32

[1]	HOARE C A R . Communicating sequential processes[M]. NJ,USA: Prentice Hall, 1985.
[2]	ENCK W , GILBERT P , CHUN B G ,et al. TaintDroid:an information-flow tracking system for realtime privacy monitoring on smartphones[J]. ACM Transactions on Computer Systems, 2010,57(3): 393-407.
[3]	VACHHARAJANI N , BRIDGES M J , CHANG J ,et al. RIFLE:an architectural framework for user-centric information-flow security[C]// Proceedings of 37th International Symposium on Microarchitecture (MICRO-37'04). 2004: 243-254.
[4]	BANERJEE S , DEVECSERY D , CHEN P M ,et al. Iodine:fast dynamic taint tracking using rollback-free optimistic hybrid analysis[C]// Proceedings of 2019 IEEE Symposium on Security and Privacy (SP). 2019: 490-504.
[5]	ZHANG M , YIN H . Efficient,context-aware privacy leakage confinement for android applications without firmware modding[C]// Proceedings of the 9th ACM Symposium on Information,Computer and Communications Security. 2014: 259-270.
[6]	JIA Y J , CHEN Q A , WANG S Q ,et al. ContexIoT:towards providing contextual integrity to appified IoT platforms[C]// Proceedings of 2017 Network and Distributed System Security Symposium. 2017.
[7]	ZONG P , LV T , WANG D ,et al. FuzzGuard:filtering out unreachable inputs in directed grey-box fuzzing through deep learning[C]// Proceedings of 29th USENIX Security Symposium (USENIX-SS'20). 2020.
[8]	SHE D D , CHEN Y Z , SHAH A ,et al. Neutaint:efficient dynamic taint analysis with neural networks[C]// Proceedings of 2020 IEEE Symposium on Security and Privacy (SP). 2020: 1527-1543.
[9]	NGUYEN-TUONG A , GUARNIERI S , GREENE D ,et al. Automatically hardening web applications using precise tainting[M]// Security and Privacy in the Age of Ubiquitous Computing. Boston,MA: Springer US, 2005: 295-307.
[10]	NEWSOME J , SONG D . Dynamic taint analysis for automatic detection,analysis,and signature generation of exploits on commodity software[C]// Proceedings of the Network and Distributed System Secu-rity Symposium (NDSS '05). 2005.
[11]	KONG J F , ZOU C C , ZHOU H Y . Improving software security via runtime instruction-level taint checking[C]// Proceedings of the 1st Workshop on Architectural and System Support for Improving Software Dependability. 2006: 18-24.
[12]	HALDAR V , CHANDRA D , FRANZ M . Dynamic taint propagation for Java[C]// Proceedings of 21st Annual Computer Security Applications Conference (ACSAC'05). 2005:311.
[13]	VOGT P , NENTWICH F , JOVANOVIC N ,et al. Cross site scripting prevention with dynamic data tainting and static analysis[C]// Proceedings of the Network and Distributed System Security Symposium (NDSS '07). 2007.
[14]	CABALLERO J , POOSANKAM P , MCCAMANT S ,et al. Input generation via decomposition and restitching:finding bugs in malware[C]// Proceedings of the 17th ACM Conference on Computer and Communications Security. 2010: 413-425.
[15]	ENCK W , GILBERT P , CHUN B G ,et al. TaintDroid:an information-flow tracking system for realtime privacy monitoring on smartphones[C]// Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation. 2019: 393-407.
[16]	ZHU D Y , JUNG J , SONG D ,et al. TaintEraser[J]. ACM SIGOPS Operating Systems Review, 2011,45(1): 142-154.
[17]	KANG M G , MCCAMANT S , POOSANKAM P ,et al. DTA++:dynamic taint analysis with targeted control-flow propagation[C]// Proceedings of the Network and Distributed System Security Symposium (NDSS '11). 2011.
[18]	ARZT S , RASTHOFER S , FRITZ C ,et al. FlowDroid:precise context,flow,field,object-sensitive and lifecycle-aware taint analysis for Android Apps[C]// Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation. 2014: 259-269.
[19]	WEI F G , ROY S , OU X M ,et al. Amandroid:a precise and general inter-component data flow analysis framework for security vetting of Android Apps[C]// Proceedings of the ACM Conference on Computer and Communications Security. 2014: 1329-1341.
[20]	LI L , BARTEL A , BISSYANDé T F ,, et al . IccTA:detecting inter-component privacy leaks in android Apps[C]// Proceedings of 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering. 2015: 280-291.
[21]	BIANCHI A , CORBETTA J , INVERNIZZI L ,et al. What the App is that? Deception and countermeasures in the android user interface[C]// Proceedings of 2015 IEEE Symposium on Security and Privacy. 2015: 931-948.
[22]	ZHAO Q C , ZUO C S , DOLAN-GAVITT B ,et al. Automatic uncovering of hidden behaviors from input validation in mobile Apps[C]// Proceedings of 2020 IEEE Symposium on Security and Privacy (SP). 2020: 1106-1120.
[23]	SONG F , TOUILI T . Model-checking for android malware detection[M]// Programming Languages and Systems. Cham: Springer International Publishing, 2014: 216-235.
[24]	BAI G D , YE Q Q , WU Y Z ,et al. Towards model checking Android applications[J]. IEEE Transactions on Software Engineering, 2018,44(6): 595-612.
[25]	MERCALDO F , NARDONE V , SANTONE A ,et al. Ransomware steals your phone.formal methods rescue it[M]// Formal Techniques for Distributed Objects,Components,and Systems. Cham: Springer International Publishing, 2016: 212-221.
[26]	MERCALDO F , NARDONE V , SANTONE A ,et al. Download malware? No,thanks:how formal methods can block update attacks[C]// Proceedings of the 4th FME Workshop on Formal Methods in Software Engineering. 2016: 22-28.
[27]	BATTISTA P , MERCALDO F , NARDONE V ,et al. Identification of android malware families with model checking[C]// Proceedings of the 2nd International Conference on Information Systems Security and Privacy. 2016: 542-547.
[28]	CANFORA G , MARTINELLI F , MERCALDO F ,et al. LEILA:formal tool for identifying mobile malicious behaviour[J]. IEEE Transactions on Software Engineering, 2019,45(12): 1230-1252.
[29]	MILNER R . Communication and concurrency[M]. Prentice Hall, 1989.
[30]	BARBUTI R , DE FRANCESCO N , SANTONE A ,et al. Selective mu-calculus and formula-based equivalence of transition systems[J]. Journal of Computer and System Sciences, 1999,59(3): 537-556.
[31]	SURHONE L M , TENNOE M T , HENSSONOW S F ,et al. Jimple[M]. Betascript Publishing, 2010.
[32]	SHEN F , VECCHIO J D , MOHAISEN A ,et al. Android malware detection using complex-flows[C]// Proceedings of IEEE Transactions on Mobile Computing. 2017: 1231-1245.

Metrics

Recommended 0

No Suggested Reading articles found!

参数名称	参数状态
staticTracking	true
implicitFlows	true
enableCallbacks	true
enableExceptions	true
accessPathLength	5
flowSensitiveAliasing	true
computeResultPaths	true
aggressiveTaintWrapper	false
librarySummaryTaintWrapper	false
enableImplicitFlows	true
enableStaticFields	true
enableTypeChecking	true
ignoreFlowsInSystemPackages	true
inspectSources	false
inspectSinks	false
stopAfterFirstFlow	false

信息流泄露漏洞名称	FlowDroid	本文方法
Insecure Contnt Provider access	★	★
Insecure Webview implementation	★	★
Sensitive Information in Memory	★	★
Insecure Logging mechanism	★	★
Android Pasteboard vulnerability	★	★
Android keyboard cache issues	★	★
Android Backup vulnerability	★	★
Insecure SDCard storage	★	★
Insecure HTTP connections	★	★

DroidBench2.0类别	泄露路径数	FlowDroid			本文分析方法
DroidBench2.0类别	泄露路径数	TP	FP	FN	TP	FP	FN
Aliasing (1)	0	0	1	0	0	1	0
Arrays and Lists (7)	3	3	4	0	3	4	0
Callbacks (15)	17	17	1	0	17	0	0
Field and Object Sensitivity (7)	2	2	0	0	2	0	0
Inter-App Communication (3)	3	3	0	0	3	0	0
ICC (18)	19	17	0	2	17	0	2
Lifecycle (17)	17	17	2	0	17	2	0
General Java (23)	20	18	4	2	18	2	2
Android-Specific (13)	11	7	1	4	7	1	4
Implicit Flows (4)	8	7	0	1	7	0	1
Reflection (4)	4	1	0	3	1	0	3
Threading (5)	5	3	0	2	3	0	2
Emulator Detection (3)	6	6	0	0	6	0	0
总数	115	101	13	14	101	10	14
准确率Precision=TP/(TP+FP)		88.60%			90.99%
召回率Recall=TP/(TP+FN)		87.83%			87.83%

DroidBench2.0类别	FlowDroid平均耗时/s	代码转换平均耗时/s	形式化建模平均耗时/s	模型检测平均耗时/s	本文方法总平均耗时/s
Aliasing (1)	266.51	9.62	5.50	259.98	275.10
Arrays and Lists (7)	272.97	9.74	5.60	263.96	279.30
Callbacks (15)	253.05	10.24	6.06	256.41	272.71
Field and Object Sensitivity (7)	262.97	10.98	6.83	261.04	278.85
Inter-App Communication (3)	281.27	10.65	6.50	273.98	291.13
ICC (18)	302.77	10.10	5.90	294.47	310.47
Lifecycle (17)	296.91	10.44	6.21	292.82	309.47
General Java (23)	305.59	10.78	6.56	282.13	299.47
Android-Specific (13)	304.88	10.89	6.73	277.82	295.44
Implicit Flows (4)	306.32	10.31	6.14	290.75	307.20
Reflection (4)	300.34	10.52	6.34	291.95	308.81
Threading (5)	294.29	11.07	6.89	272.22	290.18
Emulator Detection (3)	269.85	11.42	7.24	254.32	272.98
平均值	285.98	10.52	6.35	274.76	291.62

Android complex information flow analysis method based on communicating sequential process

RichHTML

PDF下载

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 16

References 32

Related Articles 15

Metrics

Recommended 0

[1]	Jianlong XU, Jian LIN, Yusen LI, Zhi XIONG. Distributed user privacy preserving adjustable personalized QoS prediction model for cloud services [J]. Chinese Journal of Network and Information Security, 2023, 9(2): 70-80.
[2]	Zhe SUN, Hong NING, Lihua YIN, Binxing FANG. Preliminary study on the construction of a data privacy protection course based on a teaching-in-practice range [J]. Chinese Journal of Network and Information Security, 2023, 9(1): 178-188.
[3]	Xue BAI, Baodong QIN, Rui GUO, Dong ZHENG. Two-party cooperative blind signature based on SM2 [J]. Chinese Journal of Network and Information Security, 2022, 8(6): 39-51.
[4]	Min XIAO, Tao YAO, Yuanni LIU, Yonghong HUANG. Dynamic and efficient vehicular cloud management scheme with privacy protection [J]. Chinese Journal of Network and Information Security, 2022, 8(6): 70-83.
[5]	Chenxin LU, Bing CHEN, Ning DING, Liquan CHEN, Ge WU. Identity-based anonymous cloud auditing scheme with compact tags [J]. Chinese Journal of Network and Information Security, 2022, 8(6): 156-168.
[6]	Shengzhi MING, Jianming ZHU, Zhiyuan SUI, Xian ZHANG. Online medical privacy protection strategy under information value-added mechanism [J]. Chinese Journal of Network and Information Security, 2022, 8(6): 169-177.
[7]	Xian ZHANG, Jianming ZHU, Zhiyuan SUI, Shengzhi MING. Analysis on anonymity and regulation of digital currency transactions based on game theory [J]. Chinese Journal of Network and Information Security, 2022, 8(5): 150-157.
[8]	Feng LIU, Jie YANG, Jiayin QI. Survey on blockchain privacy protection techniques in cryptography [J]. Chinese Journal of Network and Information Security, 2022, 8(4): 29-44.
[9]	Lin JIN, Youliang TIAN. Multi-authority attribute hidden for electronic medical record sharing scheme based on blockchain [J]. Chinese Journal of Network and Information Security, 2022, 8(4): 66-76.
[10]	Weicheng ZHANG, Hongquan WEI, Shuxin LIU, Liming PU. Fast handover authentication scheme in 5G mobile edge computing scenarios [J]. Chinese Journal of Network and Information Security, 2022, 8(3): 154-168.
[11]	Zhensheng GAO, Lifeng CAO, Xuehui DU. Research progress of access control based on blockchain [J]. Chinese Journal of Network and Information Security, 2021, 7(6): 68-87.
[12]	Chuanxin ZHOU, Yi SUN, Degang WANG, Huawei GE. Survey of federated learning research [J]. Chinese Journal of Network and Information Security, 2021, 7(5): 77-92.
[13]	Rongna XIE, Xiaonan FAN, Lin YUAN, Zichen GUO, Jiayu ZHU, Guozhen SHI. Research on extended access control mechanism in online social network [J]. Chinese Journal of Network and Information Security, 2021, 7(5): 123-131.
[14]	Fan CHAO, Zhi YANG, Xuehui DU, Bing HAN. Classified risk assessment method of Android application based on multi-factor clustering selection [J]. Chinese Journal of Network and Information Security, 2021, 7(2): 161-173.
[15]	Kui REN, Quanrun MENG, Shoukun YAN, Zhan QIN. Survey of artificial intelligence data security and privacy protection [J]. Chinese Journal of Network and Information Security, 2021, 7(1): 1-10.