以動態使用者意圖分析偵測Android惡意程式

Yu-Chi Teng; 鄧昱奇

請用此 Handle URI 來引用此文件： http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/55810

完整後設資料紀錄

DC 欄位	值	語言
dc.contributor.advisor	洪士灝(Shih-Hao Hung)
dc.contributor.author	Yu-Chi Teng	en
dc.contributor.author	鄧昱奇	zh_TW
dc.date.accessioned	2021-06-16T05:08:49Z	-
dc.date.available	2016-08-25
dc.date.copyright	2014-08-25
dc.date.issued	2014
dc.date.submitted	2014-08-19
dc.identifier.citation	[1] “Android,” http://developer.android.com/index.html. [2] “Smartphone os:global market share 2009-2013, by quarter \| statistic,” http://expandedramblings.com/index.php/android-statistics/, 2013. [3] S. jie Chang, “Ape: A smart automatic testing environment for android malware,” Master’s thesis, National Taiwan University, 2013. [4] W. Enck, P. Gilbert, B.-G. Chun, L. P. Cox, J. Jung, P. McDaniel, and A. N. Sheth,“Taintdroid:An information flow tracking system for real-time privacy monitoring on smartphones,” Commun. ACM, vol. 57, no. 3, pp. 99–106, Mar. 2014. [Online]. Available: http://doi.acm.org/10.1145/2494522 [5] e. a. Elish, Karim O., “A static assurance analysis of android application,” Virginia Polytechnic Institute and State University, Tech. Rep., 2013. [6] W.-C. W. Shih-Hao Hung, “Droiddolphin: a dynamic android malware detection framework using big data and machine learning,” in Proceedings of the 2014 Research in Adaptive and Convergent Systems, ser. RACS ’14.ACM, 2014. [7] A. Desnos and P. Lantz, “Droidbox: An android application sandbox for dynamic analysis,” 2011. [8] “Apimonitor,” https://code.google.com/p/droidbox/wiki/APIMonitor, 2012. [9] J. L. Manley, R. Tacke, B. L. Hogan, K. L. Friedman, J. D. Diller, B. M. Ferguson, S. V. Nyland, B. J. Brewer, W. L. Fangman, C. Saavedra et al., “Sr proteins and splicing control 1569,” Genes & development, 1996. [10] G. Sarwar, O. Mehani, R. Boreli, and M. A. Kaafar, “On the effectiveness of dynamic taint analysis for protecting against private information leaks on android-based devices.”in SECRYPT, 2013, pp. 461–468. [11] J. J. K. Chan, K. W. Tan, L. Jiang, and R. K. Balan, “The case for mobile forensics of private data leaks: Towards large-scale user-oriented privacy protection,” in Proceedings of the 4th Asia-Pacific Workshop on Systems, ser. APSys ’13.New York, NY, USA: ACM, 2013.
dc.identifier.uri	http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/55810	-
dc.description.abstract	資料洩漏在Android上愈來愈嚴重，隨著Android平台上惡意程式的滋長，保護使用者的資料變得愈來愈難。一個惡意程式再Android上很容易取得使用者的資料，所以對於想要偷資料的開發者而言，只要寫個Android上的程式就可以透過Android框架獲得使用者隱私資訊。對於使用者而言，他很難知道Android上的程式是否依照他的意願使用他的隱私資料。這篇論文提供另外一個自動偵測惡意程式的方法。我們透過動態分析觀察使用者和程式的互動情形來判斷受測程式是否為惡意程式。最後，我們分析使用我們的方法，在一般程式和惡意程式的集合裡面，分別可以有多少的準確度，以及這個方法本身的限制。	zh_TW
dc.description.abstract	Data leakage problem of Android apps is becoming more and more severe. Due to the enlarging Android ecology and the emerging of booming of various bytes of Android malwares, it is hard to keep user’s important data safe. For a malware, to steal important data from user is easy. The attacker can write an app and retrieve the user or device information from Android framework. Users with these apps installed is hard to know whether the application is using his or her data in an authorized way. In this paper, we provide a methodology to analyze out-going data with the observation of user-application interactions. With observation, we can get some information about the behavior of the app. Then we identify whether the app is benign or malicious by judging if an app is treating user’s data in a proper way. In brief, we want to tell if an app is treating user’s data in a right way by judging how the user interacts with the app. In the end, we show how this method performs by testing a numbers of applications, which are classified into two sets, normal set and malicious set respectively. With the evaluation of our method, we illustrate the performance of our system and its limitation.	en
dc.description.provenance	Made available in DSpace on 2021-06-16T05:08:49Z (GMT). No. of bitstreams: 1 ntu-103-R01922101-1.pdf: 2357419 bytes, checksum: a115eab544051b3fe326c0cd9b7c3f00 (MD5) Previous issue date: 2014	en
dc.description.tableofcontents	Acknowledgments ... i 中文摘要 ... ii Abstract ... iii 1 Introduction ... 1 1.1 Motivation ... 1 1.2 Thesis Organization ... 2 2 Background and Related Works ... 4 2.1 Android ... 4 2.1.1 Dalvik Virtual Machine ... 4 2.1.2 Interpreter ... 5 2.1.3 Activity and View ... 6 2.1.4 Java Native Interface (JNI) ... 7 2.1.5 Emulator ... 7 2.1.6 Adb ... 7 2.1.7 Android Monkey ... 8 2.2 Dynamic Analysis ... 8 2.3 TaintDroid ... 8 2.4 APE ... 9 2.5 Static User Intention Based Analysis ... 10 2.6 Related Work ... 11 3 Dynamic User Intention Based Analysis ... 12 3.1 Software Architecture ... 12 3.1.1 Input Capturer ... 12 3.1.2 Trigger Checker ... 13 3.1.3 User Trigger Taint ... 15 3.2 Automatic Testing ... 16 3.3 Analysis ... 17 4 Evaluation ... 19 4.1 Experimental Setup ... 19 4.2 Test Set ... 20 4.3 Test Flow ... 20 4.4 Profiling ... 20 4.4.1 Error in Massive Testing ... 21 4.4.2 Tag Distribution Matrix ... 21 4.4.3 Profiling Result ... 22 4.5 Well Triggered Set ... 23 4.5.1 Scoring ... 24 4.6 Accuracy ... 25 5 Conclusion and Future Work ... 27 5.1 Conclusion ... 27 5.2 Future Work ... 27 Bibliography ... 29
dc.language.iso	en
dc.subject	安全	zh_TW
dc.subject	自動化測試	zh_TW
dc.subject	智慧型手機	zh_TW
dc.subject	資訊洩漏	zh_TW
dc.subject	隱私	zh_TW
dc.subject	Android	zh_TW
dc.subject	惡意程式	zh_TW
dc.subject	Privacy	en
dc.subject	Android	en
dc.subject	Security	en
dc.subject	Malware	en
dc.subject	Automatic Testing	en
dc.subject	Smartphone	en
dc.subject	Data Leakage	en
dc.title	以動態使用者意圖分析偵測Android惡意程式	zh_TW
dc.title	Android Malware Detection with Dynamic User Intention Based Analysis	en
dc.type	Thesis
dc.date.schoolyear	102-2
dc.description.degree	碩士
dc.contributor.oralexamcommittee	徐慰中(Wei-Chung Hsu),廖世偉(Shih-Wei Liao)
dc.subject.keyword	Android,安全,惡意程式,自動化測試,智慧型手機,資訊洩漏,隱私,	zh_TW
dc.subject.keyword	Android,Security,Malware,Automatic Testing,Smartphone,Data Leakage,Privacy,	en
dc.relation.page	30
dc.rights.note	有償授權
dc.date.accepted	2014-08-19
dc.contributor.author-college	電機資訊學院	zh_TW
dc.contributor.author-dept	資訊工程學研究所	zh_TW
顯示於系所單位：	資訊工程學系

文件中的檔案：

檔案	大小	格式
ntu-103-1.pdf 未授權公開取用	2.3 MB	Adobe PDF

顯示文件簡單紀錄

系統中的文件，除了特別指名其著作權條款之外，均受到著作權保護，並且保留所有的權利。