iOS恶意应用分析综述

doi:10.11959/j.issn.1000-0801.2017048

Abstract

CLC Number:

TP309

Yixiang ZHU,Kang ZHANG,Weiqing WANG. Review of iOS malicious application analysis[J]. Telecommunications Science, 2017, 33(2): 42-47.

Figures/Tables 2

References 13

[1]	国家计算机病毒应急处理中心. 第十四次全国信息网络安全状况暨计算机和移动终端病毒疫情调查分析报告[R]. 2015.
	National Computer Virus Emergency Response Center. 14th analysis of national security situation of information network and investigation report on computer and mobile terminal virus[R]. 2015.
[2]	iOS 9.3 or later.iOS security-white paper[S/OL]. (2016-05-01) [2016-10-10]. .
[3]	Apple's app store has passed 100 billion app downloads[EB/OL]. (2016-06-08) [2016-10-10]. .
[4]	CHARLIE M , DION B , DINO D , et al. iOS hacker's handbook[M]. NewYork： Wiley, 2012.
[5]	AppBuyer:new iOS malware steals apple ID and password to buy apps[EB/OL]. (2014-09-12) [2016-10-10]. .
[6]	WANG T , JANG Y , CHEN Y , et al. On the feasibility of large-scale infections of iOS devices[C]// The 23rd USENIX Security Symposium (Security), August 20-22, 2014, San Diego,CA,USA. New Jersey: IEEE Press, 2014: 79-95.
[7]	Wirelurker:a new era in iOS and os x malware[EB/OL]. (2014-11-05) [2016-10-10]. .
	NICOLAS S . iPhone privacy[S/OL]. (2012-04-07) [2016-10-10]. .
[9]	LAU B , JANG Y , SONG C , et al. Mactans:injecting malware into iOS devices via malicious chargers[C]// Black Hat USA, July 27Aug-1, 2013, Las Vegas,NV,USA. New Jersey: IEEE Press, 2013.
[10]	WANG T , LU K , LU L , et al. Usenix Conference on Security[C]// Black Hat USA, August 12-13, 2013, Washington D C,USA. New Jersey: IEEE Press, 2013:559-572.
[11]	安天实验室. Xcode 非官方版本恶意代码污染事件（XcodeGhost）的分析与综述[R/OL]. (2015-09-20) [2016-10-10]. .
[12]	YiSpecter:first iOS malware that attacks non-jailbroken apple iOS devices by abusing private APIs[EB/OL]. (2015-10-04) [2016-10-10]. .
[13]	Pegasus-针对iOS设备的APT攻击分析[EB/OL]. (2016-08-26) [2016-10-10]. .
	Pegasus-analysis of APT attacks on iOS devices[EB/OL]. (2016-08-26) [2016-10-10]. .

Metrics

Recommended 0

No Suggested Reading articles found!

恶意应用	出现时间	传播途径	恶意功能	受染机器类型
iKee	2009年11月	open SSH	修改壁纸、锁机以及将iOS设备加入botnet（僵尸网络）中	越狱设备
AppBuyer	2014年9月	第三方Cydia源	窃取Apple ID和密码、盗用用户身份下载应用程序	越狱设备
WireLurker	2014年11月	已感染的个人电脑	收集用户隐私信息、安装新的应用程序	越狱设备、未越狱设备
SpyPhone	2010年8月	应用商店	收集多种个人隐私数据，包括电话号码、通讯录、照片、地理位置等	未越狱设备
Mactans	2013年8月	充电器	模拟用户点击、安装并隐藏应用程序、监视用户输入等	未越狱设备
Jekyll	2013年8月	应用商店	发送短信、邮件、后台录像、拨打任意电话等	未越狱设备
XcodeGhost	2015年9月	应用商店	收集用户隐私并具备伪造弹窗等功能	未越狱设备
YiSpecter	2015年10月	网络流量劫持、网页欺诈等	收集设备UUID等用户隐私、安装企业证书签名的应用、替换其他应用	越狱设备、未越狱设备
Pegasus/Trident	2016年8月	短信发送网址链接的精准APT攻击	完全控制iOS设备	越狱设备、未越狱设备

Review of iOS malicious application analysis

RichHTML

PDF下载

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 2

References 13

Related Articles 3

Metrics

Recommended 0

[1]	Deyu Miao,Xuebin Kang,Xinguang Xiao. Analysis and Forensics of Malware in Suspicious Computer Based on Four Class Trust Model Abstract This paper analyzes the weaknesses and difficulties of traditional computer forensics technology in the field of analyzing the malicious code evidentiary，proposes a suspicious computer forensics model based on four class trust mechanism. It describes a static forensics method for the suspicious terminals and by large amounts of experiments，shows the feasibility，accuracy and efficiency of four class trust mechanism in the application of malicious code forensics. [J]. Telecommunications Science, 2011, 27(1): 105-109.
[2]	Huang Wei,Cui Baojiang and Hu Zhengming. Study and Trends on Client-side Malicious Code of Web Application [J]. Telecommunications Science, 2009, 25(2): 72-79.
[3]	Wei Huang,Baojiang Cui,Zhengming Hu. Study and Trends on Client-side Malicious Code of Web Application [J]. Telecommunications Science, 2009, 1(2): 72-79.