Dynamic event sequence guidance for Android application vulnerability verification technology

doi:10.3778/j.issn.1002-8331.1611-0187

Computer Engineering and Applications ›› 2018, Vol. 54 ›› Issue (6): 86-94.DOI: 10.3778/j.issn.1002-8331.1611-0187

Previous Articles Next Articles

Dynamic event sequence guidance for Android application vulnerability verification technology

SUN Xiaoyong1，2, WANG Wei1, HUO Wei1，2, ZHOU Jianhua1

1.Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100195, China
2.School of Cyber Security, University of Chinese Academy of Sciences（UCAS）, Beijing 100190, China

Online:2018-03-15 Published:2018-04-03

动态事件序列制导的Android应用漏洞验证技术

孙骁永1，2，王伟1，霍玮1，2，周建华1

1.中国科学院信息工程研究所，北京 100195
2.中国科学院大学网络空间安全学院，北京 100190

Abstract

Abstract: At present, Android application vulnerability detection methods have static analysis and dynamic analysis. The static analysis has high rate of false positive. Although dynamic analysis reduces the rate of false positive, its operating efficiency and coverage are low. In order to solve the problem of dynamic analysis, this paper proposes the dynamic event sequence guidance for Android application vulnerability verification technology. This technology generates the activity jump graph by using the method of automated UI trigger. Then precisely guiding the suspicious path of vulnerability. Finally, verifying the suspicious path of vulnerability is whether executing. Automatically analyzing 10, 122 applications, the recall rate is 96.12% and false positive rate is 2.66%. The results show that the dynamic event sequence guidance for Android application vulnerability verification technology has good effective on automatically analyzing application.

Key words: dynamic event sequence, automated UI trigger, guidance verification, Android

摘要： 目前Android应用漏洞检测方法分为静态分析和动态分析。其中，静态分析存在误报率较高的问题，动态分析降低了误报率，但是存在运行效率和覆盖率较低的问题。针对动态分析存在的问题，首次提出了动态事件序列制导的Android应用漏洞验证技术，该技术使用自动化UI触发的方法生成Activity跳转关系图，然后对漏洞嫌疑路径进行精确制导，最后对漏洞触发嫌疑路径是否执行进行验证。经过对10 122个应用进行自动化漏洞分析，结果为召回率96.12%，误报率2.66%。实验结果表明，动态事件序列制导的Android应用漏洞验证技术对于自动化分析应用漏洞有很好的效果。

关键词: 动态事件序列, 自动化UI触发, 制导验证, Android

SUN Xiaoyong1，2, WANG Wei1, HUO Wei1，2, ZHOU Jianhua1. Dynamic event sequence guidance for Android application vulnerability verification technology[J]. Computer Engineering and Applications, 2018, 54(6): 86-94.

孙骁永1，2，王伟1，霍玮1，2，周建华1. 动态事件序列制导的Android应用漏洞验证技术[J]. 计算机工程与应用, 2018, 54(6): 86-94.

[1]	XIONG Jian, QIN Renchao, HE Mengyi, LIU Jianlan, TANG Fengyang. Application of Improved Random Forest Algorithm in Android Malware Detection [J]. Computer Engineering and Applications, 2021, 57(3): 130-136.
[2]	WANG Yulian, LU Mingming. Interpretable Automatic Detection of Android Malware Based on Graph Embedding [J]. Computer Engineering and Applications, 2021, 57(23): 122-128.
[3]	SU Qing, LIN Huazhi, HUANG Jianfeng, LIN Zhiyi. Malicious Android Application Detection Combining CNN and Catboost Algorithm [J]. Computer Engineering and Applications, 2021, 57(15): 140-146.
[4]	GUO Zhihan, LUO Senlin, KE Dongxiang, QIN Xiaonan. Hierarchical Acquisition Method of Android System Service Information [J]. Computer Engineering and Applications, 2021, 57(12): 99-104.
[5]	XIA Jipin, ZOU Bin, YANG Zhonglin, LI Shenxin. Health Route Planning Service for Avoiding Outdoor Air Pollution Exposure [J]. Computer Engineering and Applications, 2020, 56(3): 266-271.
[6]	ZHAO Yuxin, Nurbol, AI Zhuang. Android Malware Detection Based on Ensemble Learning Voting Algorithm [J]. Computer Engineering and Applications, 2020, 56(22): 74-82.
[7]	WANG Jiahe, WEI Songjie, WU Chao. Android Apps Traffic Behavior Obfuscation Method Based on Differential Privacy Protection [J]. Computer Engineering and Applications, 2020, 56(2): 68-75.
[8]	HOU Min, LIU Qian, YANG Huayong, ZHANG Guo’an. Data Push System of Marine Observation Based on MQTT Protocol [J]. Computer Engineering and Applications, 2019, 55(20): 227-231.
[9]	LI Chuan1, LIU Baoxu2. ParaIntentFuzz：Android applications parallel fuzzing system [J]. Computer Engineering and Applications, 2018, 54(4): 110-116.
[10]	CHEN Lu, MA Yuanyuan, SHI Congcong, LI Nige, LI Weiwei. Research on Android application security flaws static analysis technology [J]. Computer Engineering and Applications, 2018, 54(4): 117-121.
[11]	ZHANG Zhen, CAO Tianjie. Detecting Android malware based on matching sequence of behavioral characteristic value [J]. Computer Engineering and Applications, 2018, 54(24): 97-102.
[12]	ZHAO Wei1，4, WANG Nan2, SU Xin3，4, ZHANG Boyun1. Android malware detection approach based on deep belief network [J]. Computer Engineering and Applications, 2018, 54(18): 125-132.
[13]	WANG Wenchong, LING Jie. Android malware detection approach based on fuzzy Hash [J]. Computer Engineering and Applications, 2018, 54(18): 133-138.
[14]	ZHANG Peng. Framework for similarity detection among Android applications based on property classifying [J]. Computer Engineering and Applications, 2018, 54(17): 10-15.
[15]	LIU Chushu, WANG Weiping, LIU Pengfei. Detection of Android malware using resource features [J]. Computer Engineering and Applications, 2018, 54(15): 67-73.

Dynamic event sequence guidance for Android application vulnerability verification technology

动态事件序列制导的Android应用漏洞验证技术

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics