基于虚拟机字节码注入的Android应用程序隐私保护机制

doi:10.11959/j.issn.1000-436x.2021115

通信学报 ›› 2021, Vol. 42 ›› Issue (6): 171-181.doi: 10.11959/j.issn.1000-436x.2021115

基于虚拟机字节码注入的Android应用程序隐私保护机制

宋宇波¹^,²^,³, 陈琪¹^,²^,³, 宋睿¹^,²^,³, 胡爱群³^,⁴

¹ 东南大学网络空间安全学院，江苏南京 211189
² 东南大学江苏省计算机网络技术重点实验室，江苏南京 211189
³ 网络通信与安全紫金山实验室，江苏南京 211189
⁴ 东南大学信息科学与工程学院，江苏南京 211189

修回日期:2021-03-10 出版日期:2021-06-25 发布日期:2021-06-01
作者简介:宋宇波（1977− ），男，江苏无锡人，博士，东南大学副教授，主要研究方向为无线网络和移动通信安全、移动终端安全、专有数据安全、区块链安全等
陈琪（1996− ），女，江苏泰州人，东南大学硕士生，主要研究方向为物联网流量识别、Android隐私保护等
宋睿（1994− ），男，江苏宿迁人，东南大学硕士生，主要研究方向为移动终端安全、专有数据安全、区块链安全等
胡爱群（1966− ），男，江苏南通人，博士，东南大学教授，主要研究方向为无线网络安全、物理层安全技术
基金资助:
国家重点研发计划基金资助项目(2020YFE0200600);江苏省网络与信息安全重点实验室基金资助项目(BM2003201)

Android application privacy protection mechanism based on virtual machine bytecode injection

Yubo SONG¹^,²^,³, Qi CHEN¹^,²^,³, Rui SONG¹^,²^,³, Aiqun HU³^,⁴

¹ School of Cyber Science and Engineering, Southeast University, Nanjing 211189, China
² Key Laboratory of Computer Network Technology of Jiangsu Province, Southeast University, Nanjing 211189, China
³ Purple Mountain Laboratories, Nanjing 211189, China
⁴ School of Information Science and Engineering, Southeast University, Nanjing 211189, China

Revised:2021-03-10 Online:2021-06-25 Published:2021-06-01
Supported by:
The National Key Research and Development Program of China(2020YFE0200600);Jiangsu Province Key Laboratory of Network and Information Security(BM2003201)

摘要/Abstract

摘要：

为了解决Android应用权限机制的滥用，提出了一种基于虚拟机字节码注入技术的 Android 应用程序权限访问控制方法。所提方法能够根据用户的安全需求和使用场景，生成虚拟机字节码形式的安全策略，并将其注入Android应用的涉及危险权限请求和敏感数据访问的代码单元中，从而实现动态应用行为控制。对国内4家主流应用商店爬取的应用程序进行测试，结果表明，所提方法可以对合法App的敏感API调用和危险权限请求进行有效拦截，并根据预定的安全策略实施控制，注入虚拟机字节码后的大部分App运行不受注入代码影响，稳健性得到保证，且具有较好的普适性。

关键词: 安卓安全, 隐私保护, 安全策略, 虚拟机字节码

Abstract:

To solve the abuse of the Android application permission mechanism, a method of Android application access control based on virtual machine bytecode injection technology was proposed.The security policy in the form of virtual machine bytecode was generated according to the user’s security requirement and usage scenario, and injected into the coding unit of Android application that involves dangerous permission request and sensitive data access, to realize dynamic application behavior control.Tests on applications crawled from four mainstream domestic App stores show that the method can effectively intercept sensitive API calls and dangerous permission requests of legitimate App programs and implement control according to pre-specified security policies.Also, after injecting virtual machine bytecode, most of the App program operation is not affected by the injected code, and the robustness is guaranteed.The proposed method has a good universality.

Key words: Android security, privacy protection, security strategy, virtual machine bytecode

中图分类号:

TN92

宋宇波, 陈琪, 宋睿, 胡爱群. 基于虚拟机字节码注入的Android应用程序隐私保护机制[J]. 通信学报, 2021, 42(6): 171-181.

Yubo SONG, Qi CHEN, Rui SONG, Aiqun HU. Android application privacy protection mechanism based on virtual machine bytecode injection[J]. Journal on Communications, 2021, 42(6): 171-181.

图/表 10

图1

表1

图2

图3

图4

图5

图6

图7

图8

图9

参考文献 24

[1]	TALAL M , ZAIDAN A , ZAIDAN B B ,et al. Comprehensive review and analysis of anti-malware Apps for smartphones[J]. Telecommunication Systems, 2019,72(2): 285-337.
[2]	NAUMAN M , KHAN S , ZHANG X W . APEX:extending Android permission model and enforcement with user-defined runtime constraints[C]// The 5th ACM Symposium on Information,Computer and Communications Security. New York:ACM Press, 2010: 328-332.
[3]	MAHINDRU A , SANGAL A L . DeepDroid:feature selection approach to detect Android malware using deep learning[C]// 2019 IEEE 10th International Conference on Software Engineering and Service Science. Piscataway:IEEE Press, 2019: 16-19.
[4]	BL?SING T , BATYUK L , SCHMIDT A D ,et al. An Android application sandbox system for suspicious software detection[C]// 2010 5th International Conference on Malicious and Unwanted Software. Piscataway:IEEE Press, 2010: 55-62.
[5]	GIBLER C , CRUSSELL J , ERICKSON J ,et al. AndroidLeaks:automatically detecting potential privacy leaks in android applications on a large scale[C]// International Conference on Trust and Trustworthy Computing. Berlin:Springer, 2012: 291-307.
[6]	SCHUTTE J , TITZE D , DE FUENTES J M . AppCaulk:data leak prevention by injecting targeted taint tracking into android Apps[C]// 2014 IEEE 13th International Conference on Trust,Security and Privacy in Computing and Communications. Piscataway:IEEE Press, 2014: 370-379.
[7]	CHEN K , WANG P , LEE Y ,et al. Finding unknown malice in 10 seconds:mass vetting for new threats at the google-play scale[C]// 24th USENIX Security Symposium. Berkeley:USENIX Association, 2015: 659-674.
[8]	VIDAS T , CHRISTIN N . Evading android runtime analysis via sandbox detection[C]// The 9th ACM Symposium on Information,Computer and Communications Security. New York:ACM Press, 2014: 447-458.
[9]	FERREIRA J , RESENDE R , MARTINHO S . Beacons and BIM models for indoor guidance and location[J]. Sensors, 2018,18(12): 4374-4384.
[10]	FARUKI P , BHARMAL A , LAXMI V ,et al. Android security:a survey of issues,malware penetration,and defenses[J]. IEEE Communications Surveys ＆ Tutorials, 2015,17(2): 998-1022.
[11]	FELT A P , CHIN E , HANNA S ,et al. Android permissions demystified[C]// The 18th ACM conference on Computer and Communications Security. New York:ACM Press, 2011: 627-638.
[12]	LIU X L , DU X J , ZHANG X S ,et al. Adversarial samples on android malware detection systems for IoT systems[J]. Sensors, 2019,19(4): 974.
[13]	KANG H , JANG J W , MOHAISEN A ,et al. Detecting and classifying android malware using static analysis along with creator information[J]. International Journal of Distributed Sensor Networks, 2015,11(6): 474-479.
[14]	PENG H , GATES C , SARMA B ,et al. Using probabilistic generative models for ranking risks of Android apps[C]// The 2012 ACM Conference on Computer and Communications Security. New York:ACM Press, 2012: 241-252.
[15]	CHRISTODORESCU M , JHA S , SESHIA S A ,et al. Semantics-aware malware detection[C]// 2005 IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2005: 32-46.
[16]	LEE J , JEONG K , LEE H . Detecting metamorphic malwares using code graphs[C]// The 2010 ACM Symposium on Applied Computing. New York:ACM Press, 2010: 1970-1977.
[17]	SUAREZ T G , DASH S K , AHMADI M ,et al. Droidsieve:Fast and accurate classification of obfuscated android malware[C]// The Seventh ACM on Conference on Data and Application Security and Privacy. New York:ACM Press, 2017. 309-320.
[18]	DE-MAIORCA D , DE-ARIU D , CORONA I ,et al. Stealth attacks:an extended insight into the obfuscation effects on Android malware[J]. Computers ＆ Security, 2015,51: 16-31.
[19]	MING J , XIN Z , LAN P W ,et al. Impeding behavior-based malware analysis via replacement attacks to malware specifications[J]. Journal of Computer Virology and Hacking Techniques, 2017,13(3): 193-207.
[20]	SARACINO A , SGANDURRA D , DINI G ,et al. MADAM:effective and efficient behavior-based android malware detection and prevention[J]. IEEE Transactions on Dependable and Secure Computing, 2018,15(1): 83-97.
[21]	VINOD P , SHOJAFAR M , KUMAR N ,et al. Identification of android malware using refined system calls[J]. Concurrency,Computation Practice and Experience, 2019,75(2): 1-30.
[22]	SHABTAI A , KANONOV U , ELOVICI Y ,et al. Andromaly:a behavioral malware detection framework for android devices[J]. Journal of Intelligent Information Systems, 2012,38(1): 161-190.
[23]	MA W , DUAN P , LIU S ,et al. Shadow attacks:automatically evading system-call-behavior based malware detection[J]. Journal in Computer Virology, 2012,8(12): 1-13.
[24]	LEE S H , KIM S H , KIM S ,et al. Appwrapping providing fine-grained security policy enforcement per method unit in android[C]// 2017 IEEE International Symposium on Software Reliability Engineering Workshops. Piscataway:IEEE Press, 2017: 36-39.

权限	相关API调用
MANAGE_ACCOUNTS	invalidateAuthToken()
VIBRATE	NotificationManager.notify()
READ_CONTACTS	ContentResolver.openInputStream()
WAKE_LOCK	MediaPlayer.start()
ACCESS_NETWORK_STATE	MediaPlayer.stop()
INTERNET	getActiveNetworkInfo()

基于虚拟机字节码注入的Android应用程序隐私保护机制

Android application privacy protection mechanism based on virtual machine bytecode injection

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 10

参考文献 24

相关文章 15

Metrics

推荐阅读 0

[1]	马鑫迪, 李清华, 姜奇, 马卓, 高胜, 田有亮, 马建峰. 面向Non-IID数据的拜占庭鲁棒联邦学习[J]. 通信学报, 2023, 44(6): 138-153.
[2]	冯涛, 陈李秋, 方君丽, 石建明. 基于本地化差分隐私和属性基可搜索加密的区块链数据共享方案[J]. 通信学报, 2023, 44(5): 224-233.
[3]	夏莹杰, 朱思雨, 刘雪娇. 区块链架构下具有条件隐私的车辆编队跨信任域高效群组认证研究[J]. 通信学报, 2023, 44(4): 111-123.
[4]	胡柏吉, 张晓娟, 李元诚, 赖荣鑫. 支持多功能的V2G网络隐私保护数据聚合方案[J]. 通信学报, 2023, 44(4): 187-200.
[5]	徐明, 张保俊, 伍益明, 应晨铎, 郑宁. 面向网络攻击和隐私保护的多智能体系统分布式共识算法[J]. 通信学报, 2023, 44(3): 117-127.
[6]	余晟兴, 陈钟. 基于同态加密的高效安全联邦学习聚合框架[J]. 通信学报, 2023, 44(1): 14-28.
[7]	张学旺, 黎志鸿, 林金朝. 基于公平盲签名和分级加密的联盟链隐私保护方案[J]. 通信学报, 2022, 43(8): 131-141.
[8]	王继锋, 王国峰. 边缘计算模式下密文搜索与共享技术研究[J]. 通信学报, 2022, 43(4): 227-238.
[9]	封化民, 史瑞, 袁峰, 李艳俊, 杨旸. 高效的强隐私保护和可转让的属性票据方案[J]. 通信学报, 2022, 43(3): 63-75.
[10]	于海宁, 张宏莉, 余翔湛, 曲家兴, 葛蒙蒙. 隐私保护的轨迹相似度计算方法[J]. 通信学报, 2022, 43(11): 1-13.
[11]	彭滔, 钟文韬, 王国军, 罗恩韬, 熊金波, 刘忆宁, Hao Wang. 移动社交网络中面向隐私保护的精确好友匹配[J]. 通信学报, 2022, 43(11): 90-103.
[12]	史瑞, 封化民, 谢惠琴, 史国振, 刘飚, 杨旸. 基于带智能卡的移动终端实现的隐私保护的属性票据方案[J]. 通信学报, 2022, 43(10): 26-41.
[13]	熊金波, 周永洁, 毕仁万, 万良, 田有亮. 边缘协同的轻量级隐私保护分类框架[J]. 通信学报, 2022, 43(1): 127-137.
[14]	晏燕, 丛一鸣, Adnan Mahmood, 盛权政. 基于深度学习的位置大数据统计发布与隐私保护方法[J]. 通信学报, 2022, 43(1): 203-216.
[15]	马立川, 彭佳怡, 裴庆祺, 朱浩瑾. 高效的决策树隐私分类服务协议[J]. 通信学报, 2021, 42(8): 80-89.