ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2014, Vol. 51 ›› Issue (7): 1385-1396.

所属专题: 2014网络与信息安全

• 信息安全 •    下一篇

Android安全综述

张玉清 王 凯 杨 欢 方喆君 王志强 曹 琛   

  1. (中国科学院大学国家计算机网络入侵防范中心 北京 101408) (zhangyq@ucas.ac.cn)
  • 出版日期: 2014-07-01

Survey of Android OS Security

Zhang Yuqing, Wang Kai, Yang Huan, Fang Zhejun, Wang Zhiqiang, and Cao Chen   

  1. (National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences, Beijing 101408)
  • Online: 2014-07-01

摘要: Android是一款拥有庞大市场份额的智能移动操作系统,其安全性受到了研究者的广泛关注.介绍了Android的系统架构,分析了Android的安全机制,从系统安全和应用安全2个角度对其安全性能和相关研究进行了讨论.Android系统安全包括了内核层安全、架构层安全和用户认证机制安全3个方面.内核层和架构层的安全威胁主要来自于安全漏洞,内核层的安全研究集中于将SELinux引入内核层以增强安全性能,架构层的安全研究集中于权限机制的改进和应用编程接口(application programming interface, API)的安全实现、规范使用.用户认证机制直接关系到整个系统的隐私数据安全,实现方式灵活多样,得到了研究者的广泛关注.Android应用安全的研究包括了恶意应用检测和漏洞挖掘2项技术,对恶意应用的伪造技术、应用安装时恶意应用检测技术和应用运行过程中实时行为监控技术进行了讨论,对组件暴露漏洞和安全相关API的调用漏洞2类漏洞的相关研究进行了介绍.最后,总结了Android安全研究现状,讨论了未来的研究方向.

关键词: 安卓, 安全, 漏洞, 恶意应用, 用户认证, 综述

Abstract: Android is an operating system applied to smart mobile device which claims a huge market share. The study of its security has attracted wide attention. In this paper, we introduce Android’s system architecture and security mechanism, discuss its security performance and the current research situation from two perspectives: system security and application security. Android’s system security includes kernel security, architecture security and user authentications mechanism security. The threats on kernel security and architecture security are mainly from vulnerability. The study of kernel security is focused on how to introduce SELinux into the kernel to improve the security performance, and the study of architecture security is focused on how to improve the performance of permission mechanism and how to implement APIs (application programming interface) securely and to guide developers to use APIs normatively. User authentications mechanism is closely related to user’s privacy security and can be implemented flexibly, so that the study on its security has received wide attention. Android’s application security includes two technologies which are malicious application detection and vulnerability mining. We discuss on malicious application detection from the counterfeit technology of malicious applications and detection technology of malicious application at installation or running process, and discuss on vulnerability mining from component exposed vulnerabilities and security APIs related vulnerabilities. Finally, we summarize current research situation of Android’s security study and propose the issues which are worth further study.

Key words: Android, security, vulnerability, malicious application, authentication mechanism, survey