Research Progress on Android Security
Author:
  • QING Si-Han

    Institute of Software, The Chinese Academy of Sciences, Beijing 100190, China; State Key Laboratory of Information Security (Institute of Information Engineering, The Chinese Academy of Sciences), Beijing 100093, China; School of Software and Microelectronics, Peking University, Beijing 102600, China
Fund Project:

National Natural Science Foundation of China (61170282)

    Abstract:

    Android is currently the most popular software platform for smartphones. According to reports, Android accounted for a dominant 81% of all smartphones in 2014 and shipped over 1 billion units worldwide for the first time. Apple, Microsoft, BlackBerry and Firefox trailed a long way behind. At the same time, the growing popularity of Android smartphones has attracted hackers, leading to a massive increase in Android malware applications. This paper summarizes and analyzes the latest advances in Android security from multiple perspectives, covering Android architecture, design principles, security mechanisms, major security threats, classification and detection of malware, static and dynamic analyses, machine learning approaches, and security extension proposals.

Cite this article

QING Si-Han. Research Progress on Android Security. Journal of Software, 2016,27(1):45-71

History
  • Received: 2015-06-20
  • Last revised: 2015-08-31
  • Published online: 2015-10-16