高级检索

    Android动态加载与反射机制的静态污点分析研究

    Android Static Taint Analysis of Dynamic Loading and Reflection Mechanism

    • 摘要: 隐私泄露是当前Android安全中最为重要的问题之一,目前检测隐私泄露的最主要方法是污点分析.Android静态污点分析技术凭借其代码覆盖率高、漏报率低的特点而被广泛应用在Android应用隐私泄露的检测上.然而,现有的静态污点分析工具却不能对Android动态加载和反射机制进行有效污点分析.鉴于当前Android动态加载和反射机制被越来越广泛地应用的现状,对如何使Android静态污点分析工具有效地处理Android应用的动态加载和反射机制的问题进行了研究.对Android源码进行了修改,使Android系统能够对Android应用实际运行中加载的dex文件和反射调用信息进行实时存储,并利用这些信息对Android静态污点分析过程进行引导.以当前领先的静态污点分析工具FlowDroid为基础,对其进行了改进,提出了使用非反射调用语句替换反射调用语句的策略,实现了一个能够对Android动态加载和反射机制进行有效污点分析的工具——DyLoadDroid,并通过实验验证了其在处理Android动态加载和反射机制的污点分析问题上的有效性.

       

      Abstract: Privacy leakage is one of the most important issues in the current Android security. The present most important method to detect privacy leakage is taint analysis. Because of its high code coverage and low false negative, the technique of static taint analysis is widely used in the detection of Android privacy leakage. However, the existing static taint analysis tools cannot do effective taint analysis for Android dynamic loading and reflection mechanism. Taking into account the present situation that Android dynamic loading and reflection mechanism are being used more and more widely, we focus on how to enable static taint analysis tools to effectively deal with Android dynamic loading and reflection mechanism. We modify the Android source code to enable the Android system to timely store the loaded dex files and reflection invocation information during the running process of an Android app. This information will be used to guide the static taint analysis process of the app and a policy that replacing the reflective method invocation with non-reflective method invocation is proposed. Based on these ideas, a taint analysis tool—DyLoadDroid is proposed, which has made some improvements of the state-of-the-art static taint analysis tool—FlowDroid and can do effective taint analysis for Android dynamic loading and reflection mechanism. Sufficient experimental results show that DyLoadDroid is very effective in tackling the problem of static taint analysis of Android dynamic loading and reflection mechanism.

       

    /

    返回文章
    返回