Computer Engineering and Applications ›› 2018, Vol. 54 ›› Issue (4): 117-121.DOI: 10.3778/j.issn.1002-8331.1608-0546
Previous Articles Next Articles
CHEN Lu, MA Yuanyuan, SHI Congcong, LI Nige, LI Weiwei
Online:
Published:
陈 璐,马媛媛,石聪聪,李尼格,李伟伟
Abstract: With the rapid development of mobile Internet, the number of smart phone users is increasing, especially Android smart phone users, and the security flaws of Android application security abound. Android application security flaws are divided into three, including vulnerabilities flaws, components flaws and configuration flaws. Focusing on these security flaws, first the bytecode file is static analysis, then the resolution Android bytecode as an inspection vehicle, it uses the visitor pattern to design detector for each species vulnerability. Finally, part of the code is achieved. Practice has proven able to meet the Android application security flaws static inspection requirements.
Key words: Android application, static analysis, security flaws, security vulnerabilities, visitor pattern
摘要: 随着移动互联网的快速发展,智能手机特别是Android智能手机的用户日益增多,Android应用的安全缺陷层出不穷。将Android应用安全缺陷分为漏洞缺陷、组件缺陷和配置缺陷等三方面,针对这些安全缺陷,对字节码文件进行静态分析,将解析的Android字节码作为检查载体,采用访问者模式为每一种脆弱性检测设计检测器。最后给出了部分代码实现,实践证明能够满足Android应用安全缺陷的静态检测需求。
关键词: Android应用, 静态分析, 安全缺陷, 安全漏洞, 访问者模式
CHEN Lu, MA Yuanyuan, SHI Congcong, LI Nige, LI Weiwei. Research on Android application security flaws static analysis technology[J]. Computer Engineering and Applications, 2018, 54(4): 117-121.
陈 璐,马媛媛,石聪聪,李尼格,李伟伟. Android应用安全缺陷的静态分析技术研究[J]. 计算机工程与应用, 2018, 54(4): 117-121.
0 / Recommend
Add to citation manager EndNote|Ris|BibTeX
URL: http://cea.ceaj.org/EN/10.3778/j.issn.1002-8331.1608-0546
http://cea.ceaj.org/EN/Y2018/V54/I4/117