通信学报 ›› 2020, Vol. 41 ›› Issue (2): 155-164.doi: 10.11959/j.issn.1000-436x.2020020
王竹1,2,贺坤1,2,王新宇1,2,牛犇1(),李凤华1,2
修回日期:
2019-12-06
出版日期:
2020-02-25
发布日期:
2020-03-09
作者简介:
王竹(1972- ),女,山西太原人,博士,中国科学院高级工程师,主要研究方向为信息安全、人工智能|贺坤(1995- ),男,安徽安庆人,中国科学院硕士生,主要研究方向为信息保护、隐私计算|王新宇(1989- ),男,甘肃平凉人,中国科学院博士生,主要研究方向为信息保护、隐私计算|牛犇(1984- ),男,陕西西安人,博士,中国科学院副研究员,主要研究方向为网络安全、隐私计算|李凤华(1966- ),男,湖北浠水人,博士,中国科学院研究员、博士生导师,主要研究方向为网络与系统安全、信息保护、隐私计算
基金资助:
Zhu WANG1,2,Kun HE1,2,Xinyu WANG1,2,Ben NIU1(),Fenghua LI1,2
Revised:
2019-12-06
Online:
2020-02-25
Published:
2020-03-09
Supported by:
摘要:
针对Android操作系统App内第三方域名采集用户信息造成的隐私泄露问题,基于TF-IDF模型和层次聚类方法提出了移动设备中的隐私泄露评估方案HostRisk。TF-IDF模型通过App内域名的行为特征计算域名与App的业务相关性,对于未能表现出App业务相关性行为特征的业务相关域名通过平均连接的凝聚型层次聚类方法进行调整优化,最终根据App内所有域名的排名计算其隐私泄露危害程度。实验结果验证了所提方案的有效性和效率。
中图分类号:
王竹,贺坤,王新宇,牛犇,李凤华. Android设备中基于流量特征的隐私泄露评估方案[J]. 通信学报, 2020, 41(2): 155-164.
Zhu WANG,Kun HE,Xinyu WANG,Ben NIU,Fenghua LI. Traffic characteristic based privacy leakage assessment scheme for Android device[J]. Journal on Communications, 2020, 41(2): 155-164.
表4
某新闻类App中倒数5个业务不相关域名通信数据特征"
域名地址 | IP地址 | 通信协议 | 通信量 | 平均数据分组大小/B | ||||||||
HTTP数据分组 | HTTPS数据分组 | 上传量 | 下载量 | 上传下载比 | ||||||||
个数 | 占比 | 个数 | 占比 | 总量/B | 占比 | 总量/B | 占比 | |||||
xdrig.com | 52.80.186.222 | 0 | 0 | 1 | 5.76×10-6 | 32 | 5.73×10-8 | 0 | 0 | 32 | 32 | |
amap.com | 106.11.186.5 | 18 | 1.7×10-4 | 12 | 6.91×10-5 | 13 320 | 2.46×10-5 | 14 219 | 0.002 7 | 0.94 | 917.97 | |
google-analytics.com | 203.208.40.39 | 0 | 0 | 105 | 6.05×10-4 | 88 434 | 1.64×10-4 | 5 747 | 0.001 1 | 15.38 | 896.96 | |
doubleclick.net | 203.208.41.77 | 0 | 0 | 17 | 9.8×10-5 | 6 735 | 1.25×10-5 | 1 251 | 2.4×10-4 | 5.38 | 469.76 | |
wrating.com | 106.11.12.3 | 0 | 0 | 11 | 6.34×10-5 | 9 803 | 1.81×10-5 | 674 | 1.29×10-4 | 14.54 | 952.45 | |
综合 | — | 70 182 | — | 173 475 | — | 540 411 034 | — | 5 219 493 | — | — | 2 239.33 |
表3
某新闻类App域名相关性计算排名结果"
域名地址 | 注册机构名称 | 分值 |
pstatp.com | App所属公司 | 1.0 |
ixigua.com | App所属公司 | 2.0 |
snssdk.com | App所属公司 | 5.0 |
byteimg.com | App所属公司 | 4.0 |
bytecdn.cn | App所属公司 | 12.0 |
# | # | # |
wrating.com | 第三方数据科技公司 | 48.92 |
doubleclick.net | 第三方数据科技公司 | 50.0 |
google-analytics.com | 第三方数据科技公司 | 56.23 |
amap.com | 第三方数据科技公司 | 58.0 |
xdrig.com | 第三方数据科技公司 | 69.5 |
[1] | LI F H , LI H , NIU B ,et al. Privacy computing:concept,computing framework,and future development trends[J]. Elsevier Engineering, 2019,5(6): 1179-1192. |
[2] | REN J , RAO A , LINDORFER M ,et al. Recon:revealing and controlling PII leaks in mobile network traffic[C]// The 14th Annual International Conference on Mobile Systems,Applications,and Services. ACM, 2016: 361-374. |
[3] | WANG H , GUO Y . Understanding third-party libraries in mobile App analysis[C]// 2017 IEEE/ACM 39th International Conference on Software Engineering Companion (ICSE-C). IEEE, 2017: 515-516. |
[4] | BOOK T , WALLACH D S . A case of collusion:a study of the interface between ad libraries and their Apps[C]// The Third ACM Workshop on Security and Privacy in Smartphones & Mobile Devices. ACM, 2013: 79-86. |
[5] | STEVENS R , GIBLER C , CRUSSELL J ,et al. Investigating user privacy in android ad libraries[C]// Workshop on Mobile Security Technologies (MoST). Citeseer, 2012:10. |
[6] | GRACE M C , ZHOU W , JIANG X ,et al. Unsafe exposure analysis of mobile in-App advertisements[C]// The Fifth ACM Conference on Security and Privacy in Wireless and Mobile Networks. ACM, 2012: 101-112. |
[7] | LIN J , AMINI S , HONG J I ,et al. Expectation and purpose:understanding users’ mental models of mobile App privacy through crowdsourcing[C]// The 2012 ACM Conference on Ubiquitous Computing. ACM, 2012: 501-510. |
[8] | LI M , WANG W , WANG P ,et al. LibD:scalable and precise third-party library detection in android markets[C]// 2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE). ACM, 2017: 335-346. |
[9] | MA Z , WANG H , GUO Y ,et al. LibRadar:fast and accurate detection of third-party libraries in Android Apps[C]// The 38th International Conference on Software Engineering Companion. 2016: 653-656. |
[10] | KUZUNO H , TONAMI S . Signature generation for sensitive information leakage in android applications[C]// 2013 IEEE 29th International Conference on Data Engineering Workshops (ICDEW). IEEE, 2013: 112-119. |
[11] | LI J , ZHAI L , ZHANG X ,et al. Research of android malware detection based on network traffic monitoring[C]// 2014 9th IEEE Conference on Industrial Electronics and Applications. IEEE, 2014: 1739-1744. |
[12] | HE Y , YANG X , HU B ,et al. Dynamic privacy leakage analysis of android third-party libraries[J]. Journal of Information Security and Applications, 2019,46: 259-270. |
[13] | FANG Z , HAN W , LI Y . Permission based Android security:issues and countermeasures[J]. Computers & Security, 2014,43: 205-218. |
[14] | ENCH W , OCTEAU D , MCDANIEL P D ,et al. A study of Android application security[C]// USENIX Security Symposium. 2011:2. |
[15] | BOOK T , PRIDGEN A , WALLACH D S . Longitudinal analysis of android ad library permissions[J]. arXiv Preprint,arXiv:1303.0857, 2013. |
[16] | NARAYNAN A , CHEN L , CHAN C K . Addetect:automated detection of Android ad libraries using semantic analysis[C]// 2014 IEEE Ninth International Conference on Intelligent Sensors,Sensor Networks and Information Processing (ISSNIP). IEEE, 2014: 1-6. |
[17] | SUN M , TAN G . Nativeguard:protecting android applications from third-party native libraries[C]// The 2014 ACM Conference on Security and Privacy in Wireless & Mobile Networks. ACM, 2014: 165-176. |
[18] | BACKES M , BUGIEL S , DERR E . Reliable third-party library detection in android and its security applications[C]// The 2016 ACM SIGSAC Conference on Computer and Communications Security. ACM, 2016: 356-367. |
[19] | CRUSSEL J , GIBLER C , CHEN H . Andarwin:scalable detection of semantically similar android applications[C]// European Symposium on Research in Computer Security. 2013: 182-199. |
[20] | WANG H , GUO Y , MA Z ,et al. Wukong:a scalable and accurate two-phase approach to android app clone detection[C]// The 2015 International Symposium on Software Testing and Analysis. 2015: 71-82. |
[21] | 王浩宇, 郭耀, 马子昂 ,等. 大规模移动应用第三方库自动检测和分类方法[J]. 软件学报, 2017,6: 1373-1388. |
WANG H Y , GUO Y , MA Z A ,et al. Automated detection and classi-fication of third-party libraries in large scale Android Apps[J]. Journal of Software, 2017,6: 1373-1388. | |
[22] | LIU B , LIU B , JIN H ,et al. Efficient privilege de-escalation for adlibraries in mobile Apps[C]// The 13th Annual International Conference on Mobile Systems,Applications,and Services. 2015: 89-103. |
[23] | TANG Z , XUE M , MENG G ,et al. Securing Android applications via edge assistant third-party library detection[J]. Computers & Security, 2019,80: 257-272. |
[24] | ENCK W , ONGTANG M , MCDANIEL P . On lightweight mobile phone application certification[C]// The 16th ACM conference on Computer and Communications Security. ACM, 2009: 235-245. |
[25] | SEO S H , GUPTA A , SALLAM A M ,et al. Detecting mobile malware threats to homeland security through static analysis[J]. Journal of Network and Computer Applications, 2014,38: 43-53. |
[26] | TENENBOIM-CHEKINA L , BARAD O , SHABTAI A ,et al. Detecting application update attack on mobile devices through network features[C]// 2013 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). IEEE, 2013: 91-92. |
[27] | ZHOU Y , WANG Z , ZHOU W ,et al. Hey,you,get off of my market:detecting malicious apps in official and alternative android markets[C]// 19th Annual Network & Distributed System Security Symposium. 2012: 50-52. |
[28] | 李梦玉, 马严, 黄小红 ,等. 基于URL的恶意访问检测方法[J]. 通信学报, 2018,39(Z1): 92-98. |
LI M Y , MA Y , HUANG X H ,et al. Malicious access detection method based on URL[J]. Journal on Communications, 2018,39(Z1): 92-98. | |
[29] | 李佳, 云晓春, 李书豪 ,等. 基于混合结构深度神经网络的 HTTP恶意流量检测方法[J]. 通信学报, 2019,40(1): 28-37. |
LI J , YUN X C , LI S H ,et al. HTTP malicious traffic detection method based on hybrid structure deep neural network[J]. Journal on Commu-nications, 2019,40(1): 28-37. | |
[30] | GRACE M , ZHOU Y , ZHANG Q ,et al. Riskranker:scalable and accurate zero-day Android malware detection[C]// The 10th International Conference on Mobile Systems,Applications,and Services. 2012: 281-294. |
[31] | KUMAR R , ZHANG X , WANG W ,et al. A multimodal malware detection technique for Android IoT devices using various features[J]. IEEE Access, 2019,7: 64411-64430. |
[32] | ALSWAINA F , ELLEITHY K . Android malware permission-based multi-class classification using extremely randomized trees[J]. IEEE Access, 2018,6: 76217-76227. |
[33] | LEVANDOWSKY M , WINTER D . Distance between sets[J]. Nature, 1971,234(5323):34. |
[1] | 马鑫迪, 李清华, 姜奇, 马卓, 高胜, 田有亮, 马建峰. 面向Non-IID数据的拜占庭鲁棒联邦学习[J]. 通信学报, 2023, 44(6): 138-153. |
[2] | 张佳乐, 朱诚诚, 孙小兵, 陈兵. 基于GAN的联邦学习成员推理攻击与防御方法[J]. 通信学报, 2023, 44(5): 193-205. |
[3] | 冯涛, 陈李秋, 方君丽, 石建明. 基于本地化差分隐私和属性基可搜索加密的区块链数据共享方案[J]. 通信学报, 2023, 44(5): 224-233. |
[4] | 夏莹杰, 朱思雨, 刘雪娇. 区块链架构下具有条件隐私的车辆编队跨信任域高效群组认证研究[J]. 通信学报, 2023, 44(4): 111-123. |
[5] | 胡柏吉, 张晓娟, 李元诚, 赖荣鑫. 支持多功能的V2G网络隐私保护数据聚合方案[J]. 通信学报, 2023, 44(4): 187-200. |
[6] | 徐明, 张保俊, 伍益明, 应晨铎, 郑宁. 面向网络攻击和隐私保护的多智能体系统分布式共识算法[J]. 通信学报, 2023, 44(3): 117-127. |
[7] | 余晟兴, 陈钟. 基于同态加密的高效安全联邦学习聚合框架[J]. 通信学报, 2023, 44(1): 14-28. |
[8] | 张学旺, 黎志鸿, 林金朝. 基于公平盲签名和分级加密的联盟链隐私保护方案[J]. 通信学报, 2022, 43(8): 131-141. |
[9] | 王继锋, 王国峰. 边缘计算模式下密文搜索与共享技术研究[J]. 通信学报, 2022, 43(4): 227-238. |
[10] | 封化民, 史瑞, 袁峰, 李艳俊, 杨旸. 高效的强隐私保护和可转让的属性票据方案[J]. 通信学报, 2022, 43(3): 63-75. |
[11] | 于海宁, 张宏莉, 余翔湛, 曲家兴, 葛蒙蒙. 隐私保护的轨迹相似度计算方法[J]. 通信学报, 2022, 43(11): 1-13. |
[12] | 彭滔, 钟文韬, 王国军, 罗恩韬, 熊金波, 刘忆宁, Hao Wang. 移动社交网络中面向隐私保护的精确好友匹配[J]. 通信学报, 2022, 43(11): 90-103. |
[13] | 史瑞, 封化民, 谢惠琴, 史国振, 刘飚, 杨旸. 基于带智能卡的移动终端实现的隐私保护的属性票据方案[J]. 通信学报, 2022, 43(10): 26-41. |
[14] | 熊金波, 周永洁, 毕仁万, 万良, 田有亮. 边缘协同的轻量级隐私保护分类框架[J]. 通信学报, 2022, 43(1): 127-137. |
[15] | 彭长根, 高婷, 刘惠篮, 丁红发. 面向机器学习模型的基于PCA的成员推理攻击[J]. 通信学报, 2022, 43(1): 149-160. |
阅读次数 | ||||||
全文 |
|
|||||
摘要 |
|
|||||
|