Telecommunications Science, 2016, Vol. 32, Issue (10): 2-14. doi: 10.11959/j.issn.1000-0801.2016256
Topic: terminal security based on Android system
Sihan QING
Online: 2016-10-15
Published: 2017-04-27
Sihan QING. Research status and outlook of Android security[J]. Telecommunications Science, 2016, 32(10): 2-14.

Code name | Version | Initial release date | API level |
None | 1.0 | September 23, 2008 | 1 |
None | 1.1 | February 9, 2009 | 2 |
Cupcake | 1.5 | April 27, 2009 | 3 |
Donut | 1.6 | September 15, 2009 | 4 |
Eclair | 2.0–2.1 | October 26, 2009 | 5–7 |
Froyo | 2.2–2.2.3 | May 20, 2010 | 8 |
Gingerbread | 2.3–2.3.7 | December 6, 2010 | 9, 10 |
Honeycomb | 3.0–3.2.6 | February 22, 2011 | 11–13 |
Ice Cream Sandwich | 4.0–4.0.4 | October 18, 2011 | 14, 15 |
Jelly Bean | 4.1–4.3.1 | July 9, 2012 | 16–18 |
KitKat | 4.4–4.4.4, 4.4W–4.4W.2 | October 31, 2013 | 19, 20 |
Lollipop | 5.0–5.1.1 | November 12, 2014 | 21, 22 |
Marshmallow | 6.0–6.0.1 | October 5, 2015 | 23 |
Nougat | 7.0 | August–September 2016 | 24 (probable) |

Feature | Malicious apps |
Data leakage | AckPosts, Aks, Ancsa, jSmsHider, Saiva, Vidro, Gonca, RootSmart, RATC, JSExploit-DynSrc, Xsider, Ssmsp, Mobsquz, FakeTimer, DroidKungFu, Spy.GoneSixty, Kmin, GGTrack, MobileTx, Dougalek, FakeDoc, Loozfon, Placms |
SMS service abuse | MobileTx, Iconosys, UpdtKiller, Pirater, Mania, FakeInstaller, FakePlayer, Foncy |
Reflection and dynamic class loading | Mobsquz, FakeDoc, FaceNiff, BaseBridge, DroidDream |
Native code | Ancsa, Qicsom, RATC, DroidKungFu, Xsider, DroidSheep, Gmuse, FakeDoc, FaceNiff |
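
Dynamic analysis method | Purpose | Features analyzed |
AASandbox | Monitors behavior by tracing system calls | System calls |
Andromaly | Detects malware through system resource usage | Low-level device features (e.g., battery usage, CPU load) |
CopperDroid | Monitors behavior by tracing system calls | System calls |
Crowdroid | Monitors behavior by tracing system calls | System calls |
DroidBox | Sandbox that monitors external access | Taint sink API methods |
DroidRanger | Detects malware using predefined behavioral footprints | API method call sequences |
DroidScope | Plugins for API tracing, instruction tracing and taint tracking | Taint source/taint sink API methods |
RiskRanker | Detects malware using known vulnerability signatures | API method call sequences |
TaintDroid | Detects leakage of sensitive information | Taint source/taint sink API methods |
VetDroid | Detects malware through permission-use behavior | Permission requests that can be mapped to API methods |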