通信学报 ›› 2020, Vol. 41 ›› Issue (2): 155-164.doi: 10.11959/j.issn.1000-436x.2020020

• 学术论文 • 上一篇    下一篇

Android设备中基于流量特征的隐私泄露评估方案

王竹1,2,贺坤1,2,王新宇1,2,牛犇1(),李凤华1,2   

  1. 1 中国科学院信息工程研究所,北京 100093
    2 中国科学院大学网络空间安全学院,北京 100049
  • 修回日期:2019-12-06 出版日期:2020-02-25 发布日期:2020-03-09
  • 作者简介:王竹(1972- ),女,山西太原人,博士,中国科学院高级工程师,主要研究方向为信息安全、人工智能|贺坤(1995- ),男,安徽安庆人,中国科学院硕士生,主要研究方向为信息保护、隐私计算|王新宇(1989- ),男,甘肃平凉人,中国科学院博士生,主要研究方向为信息保护、隐私计算|牛犇(1984- ),男,陕西西安人,博士,中国科学院副研究员,主要研究方向为网络安全、隐私计算|李凤华(1966- ),男,湖北浠水人,博士,中国科学院研究员、博士生导师,主要研究方向为网络与系统安全、信息保护、隐私计算
  • 基金资助:
    国家重点研发计划基金资助项目(2017YFB0802203);国家自然科学基金资助项目(61872441);国家自然科学基金资助项目(61672515);中国科学院青年创新促进会人才基金资助项目(2018196)

Traffic characteristic based privacy leakage assessment scheme for Android device

Zhu WANG1,2,Kun HE1,2,Xinyu WANG1,2,Ben NIU1(),Fenghua LI1,2   

  1. 1 Institute of Information Engineering,Chinese Academy of Sciences,Beijing 100093,China
    2 School of Cyber Security,University of Chinese Academy of Sciences,Beijing 100049,China
  • Revised:2019-12-06 Online:2020-02-25 Published:2020-03-09
  • Supported by:
    The National Key Research and Development Program of China(2017YFB0802203);The National Natural Science Foundation of China(61872441);The National Natural Science Foundation of China(61672515);Youth Innovation Promotion Association CAS(2018196)

摘要:

针对Android操作系统App内第三方域名采集用户信息造成的隐私泄露问题,基于TF-IDF模型和层次聚类方法提出了移动设备中的隐私泄露评估方案HostRisk。TF-IDF模型通过App内域名的行为特征计算域名与App的业务相关性,对于未能表现出App业务相关性行为特征的业务相关域名通过平均连接的凝聚型层次聚类方法进行调整优化,最终根据App内所有域名的排名计算其隐私泄露危害程度。实验结果验证了所提方案的有效性和效率。

关键词: Android, 隐私泄露, 隐私评估, 隐私保护

Abstract:

Aiming at the privacy leakage,which was caused by collecting user information by third-party host in Android operating system App,a privacy leakage evaluation scheme HostRisk was proposed.HostRisk was based on TF-IDF model and hierarchical clustering method,which was applied in mobile device.The TF-IDF model calculated the business relevance between Apps and hosts via the behavior characteristics of the hosts in these Apps.For the business related hosts that fail to express the business relevance characteristics,those hosts were adjusted and optimized via the average connected hierarchical agglomerative clustering method.Finally,the harmful degree of privacy leakage was evaluated based on the ranking of all hosts in the App.The experimental results verify the effectiveness and efficiency of the scheme.

Key words: Android, privacy leakage, privacy assessment, privacy preservation

中图分类号: 

No Suggested Reading articles found!