Android 鍵盤的隱私洩露分析

Abstract

在安卓系統（Android）的手機中，用戶必須透過虛擬鍵盤來輸入文字。安卓系統的虛擬鍵盤不只有手機內建的預設鍵盤，使用者也能自行安裝第三方鍵盤，但這些第三方鍵盤可能帶來隱私洩露的風險。雖然現在已經有非常多的自動化測試工具能夠測試安卓系統的應用程式，例如 monkey runner 等等，但是因為虛擬鍵盤的應用程式介面（API）或是使用者介面都與一般的安卓應用程式不同，所以目前並沒有任何自動化工具能夠針對虛擬鍵盤做測試與分析。在本篇論文中，我們提出了 IMEAnalyzer 這個系統。本系統是第一個針對安卓虛擬鍵盤的自動化分析系統，它可以幫助我們快速地過濾出相對可疑的虛擬鍵盤。為了衡量 IMEAnalyzer，我們對台灣 Google Play Store 上的 112 個虛擬鍵盤做了自動化的測試與分析，最後成功篩選出 7.14% 的可疑虛擬鍵盤。

Third-party keyboards, namely input method editors (IMEs), are indispensable in the Android system for users to enter their sensitive information. To detect whether an IME stealthily collect those information or not, it is important to have a automated testing system to analyze IMEs efficiently. However, although there exist a lot of tools for Android app automated testing, for instance the monkey runner, none of them are applicable for testing IME services. The reason is that the components of IME service, such as the APIs and user interface, are different from the other Android application. Those tools simulate user tapping behavior by sending the keycode directly to EditText of application, and thus the IME service cannot receive the tapping events. As a result, in order to solve the problem and efficiently analyze privacy leakage issues in IMEs, we present IMEAnalyzer, the first automated IME testing system. IMEAnalyzer reconstructs IME layouts in advance and sends screen tapping commands to trigger keycode events for IMEs. Additionally, IMEAnalyzer supports three different user typing behavior models to mimic different user behaviors, and record all network traffic. By using IMEAnalyzer to speed up our analysis process, we study in the 112 most downloaded IMEs in Google Play Store and filter out 92.86% non suspicious IMEs.