Please use this Handle URI to cite this item: http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/59054

Full metadata record

DC field: value [language]

dc.contributor.advisor: 洪士灝 (Shih-Hao Hung)
dc.contributor.author: Shih-Jie Chang [en]
dc.contributor.author: 張世杰 [zh_TW]
dc.date.accessioned: 2021-06-16T08:47:07Z
dc.date.available: 2018-08-26
dc.date.copyright: 2013-08-26
dc.date.issued: 2013
dc.date.submitted: 2013-08-20
dc.identifier.uri: http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/59054

dc.description.abstract [zh_TW]: As modern mobile devices become ever more widespread and more powerful, the amount of private personal data they hold grows as well. This private data is not only the user's personal information but also the information collected by the device's sensors, such as GPS location. But as mobile devices hold ever larger amounts of private data, the risk that this data is leaked, whether accidentally or maliciously, also grows.
The Android operating system developed by Google provides a permission-based security mechanism that restricts applications from freely accessing the user's private data, but this mechanism is not rigorous enough, and many malicious programs can still evade it. To address this problem, we propose an automated detection environment that combines a smart event generator with a dynamic analysis tool, named Ape, a service that can automatically detect whether an Android application leaks sensitive data. With Ape, a user can inspect any application downloaded from a third-party site in advance and obtain an analysis report that states whether data is leaked, together with a specific Activity Call Graph (ACG), for further analysis.
To evaluate the performance of Ape, we downloaded a total of 500 applications from several third-party Android sites. Comparing against Android Monkey, we found that in the malware category Ape detected 86 applications leaking data, while Android Monkey detected at most 31 data leaks. In terms of time, Ape needs 1983 seconds per test on average, which is far more efficient than Android Monkey's random clicking.

dc.description.abstract [en]: As mobile devices become more widespread and powerful, many of them store sensitive data and personal information, as well as sensing the surrounding environment. Mobile applications that have access to the storage and sensors may leak sensitive data maliciously.
While the Android system provides a permission-based security model to protect against such malware, the security model is too coarse-grained and does not work well in practice. To help detect malware, we propose a smart automatic testing environment, called Ape, a service which combines a smart input generator and a dynamic taint analysis tool for automatically finding leaks of sensitive information in Android applications. With Ape, users can inspect an application before using it and get a data leakage report with a specific Activity Call Graph (ACG) for further analysis.
In this thesis work, we evaluate the efficacy of Ape by testing 500 Android applications downloaded from several Android markets. Compared with Android Monkey, Ape quickly found that 86 applications had leaked private data, while Android Monkey only detected 31 applications in its best effort. On average, Ape can complete a test in 1983 seconds, which is much more efficient than Android Monkey's random clicking.
dc.description.provenance [en]: Made available in DSpace on 2021-06-16T08:47:07Z (GMT). No. of bitstreams: 1
ntu-102-R00922094-1.pdf: 3017448 bytes, checksum: 5a0900b434e634f0933a9142ca162afc (MD5)
Previous issue date: 2013
dc.description.tableofcontents:
Acknowledgments ... i
中文摘要 (Chinese abstract) ... ii
Abstract ... iii
1 Introduction ... 1
1.1 Thesis Organization ... 2
2 Related Work ... 3
3 Background ... 5
3.1 Activity and Lifecycle ... 5
3.2 Java Native Interface (JNI) ... 6
3.3 Android Monkey ... 9
4 Framework and Implementation ... 10
4.1 Taintdroid ... 10
4.2 Input generator ... 11
4.3 Activity Call Graph ... 12
4.3.1 Implementation ... 13
4.3.2 Limitation ... 13
4.3.3 Solution ... 14
5 Experimental Results ... 16
5.1 Single Malware Analysis ... 17
5.2 Category Analysis ... 19
5.3 Time Consuming Analysis ... 23
5.4 Combination with Android Monkey ... 23
6 Future Work ... 26
7 Conclusion ... 28
Bibliography ... 29
dc.language.iso: en
dc.subject: 雲端服務 (cloud service) [zh_TW]
dc.subject: 惡意程式 (malware) [zh_TW]
dc.subject: 資料洩漏 (data leakage) [zh_TW]
dc.subject: 自動化測試 (automatic testing) [zh_TW]
dc.subject: 智慧型手機 (smartphone) [zh_TW]
dc.subject: automatic testing [en]
dc.subject: malware [en]
dc.subject: data leakage [en]
dc.subject: Cloud Service [en]
dc.subject: Smartphone [en]
dc.title: Ape: Android系統惡意程式之自動化測試環境 (Ape: An Automatic Testing Environment for Android Malware) [zh_TW]
dc.title: Ape: A Smart Automatic Testing Environment for Android Malware [en]
dc.type: Thesis
dc.date.schoolyear: 101-2
dc.description.degree: 碩士 (Master's)
dc.contributor.oralexamcommittee: 廖世偉 (Shih-Wei Liao), 鍾葉青 (Yeh-Ching Chung), 徐慰中 (Wei-Chung Hsu)
dc.subject.keyword: 惡意程式, 資料洩漏, 自動化測試, 智慧型手機, 雲端服務 (malware, data leakage, automatic testing, smartphone, cloud service) [zh_TW]
dc.subject.keyword: malware, data leakage, automatic testing, Smartphone, Cloud Service [en]
dc.relation.page: 32
dc.rights.note: 有償授權 (licensed for a fee)
dc.date.accepted: 2013-08-20
dc.contributor.author-college: 電機資訊學院 (College of Electrical Engineering and Computer Science) [zh_TW]
dc.contributor.author-dept: 資訊工程學研究所 (Graduate Institute of Computer Science and Information Engineering) [zh_TW]
Appears in collection: Department of Computer Science and Information Engineering

Files in this item:
File: ntu-102-1.pdf (not authorized for public access), 2.95 MB, Adobe PDF