CN103309808A - Label-based black box detection method and system for privacy disclosure of Android user - Google Patents

Info

Publication number
CN103309808A
CN103309808A CN2013102340431A CN201310234043A CN103309808A CN 103309808 A CN103309808 A CN 103309808A CN 2013102340431 A CN2013102340431 A CN 2013102340431A CN 201310234043 A CN201310234043 A CN 201310234043A CN 103309808 A CN103309808 A CN 103309808A
Authority
CN
China
Prior art keywords
android
label
data
privacy
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2013102340431A
Other languages
Chinese (zh)
Other versions
CN103309808B (en
Inventor
张妍
周启慧
汪丹
吴晓昕
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Institute of Information Engineering of CAS
Original Assignee
Huawei Technologies Co Ltd
Institute of Information Engineering of CAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd, Institute of Information Engineering of CAS
Priority to CN201310234043.1A (CN103309808B)
Publication of CN103309808A
Priority to PCT/CN2014/077139 (WO2014198171A1)
Application granted
Publication of CN103309808B
Expired - Fee Related
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577 Assessing vulnerabilities and evaluating computer system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Telephone Function (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The present invention relates to a label-based black-box detection method and system for Android user privacy leakage. The detection steps are: 1) create user privacy data on an Android user terminal and add category labels to the user privacy data; 2) install at least one application to be detected on the Android user terminal and trigger the application to be detected; 3) at the Internet, Bluetooth and short-message network egress points, detect the category labels carried in the data packets the application sends out; 4) determine the category of the private data from the category labels carried in the data packets, and record the result. The method saves the large amount of time otherwise spent on instruction analysis and taint propagation, avoids allocating taint storage for the variables in all of the application's instructions and for the intermediate variables of computation, and so saves a large amount of memory overhead.

Description

Label-Based Black-Box Detection Method and System for Android User Privacy Leakage

Technical Field

The invention relates to the detection of Android user privacy information, and in particular to a method, and a system implementing it, for detecting on the basis of pre-set labels whether an Android application sends a given category of user privacy data off the device. It belongs to the field of mobile terminal security.

Background

Information technology has entered the mobile-Internet era, and smart mobile terminals, being portable and inexpensive, are increasingly the main kind of terminal on which users carry out all sorts of network activity. Compared with traditional mobile terminals, smart mobile terminals have higher-performance processors, more storage, greater mobile-network data transmission capability and open third-party mobile operating systems, so they can host a large number of business applications and process more personal private data. This data, such as call and SMS records, geographic location, social network accounts, bank account numbers, personal passwords, photos and videos, is linked directly or indirectly to monetary interests and has therefore attracted the attention of many attackers, and privacy-stealing malware has grown at an alarming rate. According to the "Global Mobile Security Report for the First Half of 2012" published by NetQin, 17,676 pieces of mobile malware were detected and removed in the first half of 2012, an increase of 42% over the second half of 2011, and 12.83 million phones were infected, with privacy-stealing malware accounting for 23.2% of infections. To protect users' privacy and property comprehensively and to promote the development of smart mobile devices, research on privacy protection for smart mobile terminals has become a shared concern of industry and academia.

Data-flow tracking and control is one of the important directions in privacy protection for smart mobile terminals. Current data-flow tracking schemes attach taint labels to sensitive private data, monitor the execution of the instructions in Android applications that process private data, and define rules that ensure the taint labels propagate correctly during data processing. This lets them follow the private data until the data flow leaves the phone through one of its channels, and so prevent unauthorized leakage of private data. In 2010, Intel Labs, the Pennsylvania laboratory and Duke University jointly developed the TaintDroid system for Android, which makes a lightweight extension to Android's DVM virtual machine architecture in order to perform taint tracking at four levels. In the same year, Georgios and other researchers developed the Paranoid Android system, which uses virtual machine record and replay to copy the Android running state to a remote server, where virus scanning and taint propagation detection are run to detect privacy leaks and other malicious intrusions.

However, existing Android data-flow-tracking privacy detection schemes use white-box data-flow tracking. They must intercept and analyse, in real time inside the virtual machine, the execution of every instruction (for example arithmetic on data, string transformations and data copies), and must set aside a large amount of additional memory in the system to store and propagate the taint labels of data sources and intermediate data, before they can track the private data flow and detect private data. This imposes a heavy performance cost on mobile terminals whose computing resources are already limited, and degrades the user experience. In the field of smart mobile terminals there is not yet an efficient method of tracking private data flows that does not require real-time monitoring of instructions. While an application runs, the number of instruction operations involved is typically in the hundreds, thousands, tens of thousands or more, so the white-box approach of analysing the data flow instruction by instruction incurs a large time and memory overhead. Moreover, when applications send a user's private data off the device, many of them simply read, copy and send it, and very rarely spend extra running time and computing resources on transforming or encrypting it.

Summary of the Invention

The purpose of the present invention is to provide a label-based black-box tracking and detection method and system for Android user privacy data. It uses fast black-box tracking: category labels are set at the source for the different types of user data, the application to be detected is then installed and its behaviour triggered automatically, and all processing of the data inside the application is treated as a black box and left alone. Only at the network egress points is outgoing data intercepted; packets carrying labels are detected, and from them it is determined which private data the application sends out.

To achieve this purpose, the present invention adopts the following technical solution: a label-based black-box detection method for Android user privacy leakage, comprising the following steps:

1) Create user privacy data on the Android user terminal and add category labels to the user privacy data;

2) Install at least one application to be detected on the Android user terminal and trigger the application to be detected;

3) At the data egress, detect the category labels carried in the data packets the application sends out;

4) Determine the category of the private data from the category labels carried in the data packets.

Further, the network egress is one or more of the Internet, Bluetooth and short message.

Optionally, the user privacy data includes but is not limited to: contact list, application list, short message content, SD card text data, log information, GPS location information, IMEI device number, Bluetooth MAC address, WiFi MAC address and recent calls. Alternatively, the categories can be defined by the user: a category can be a broad one, such as the whole contact list, or a subset of the contact entries can be selected to form a narrower one.

Optionally, the category label consists of one or more encoded strings set according to the type of user privacy data.

Further, the application to be detected is installed manually or automatically:

In manual installation, a tester manually installs one application or a batch of applications to be tested on the Android terminal and opens the installed applications one by one;

In automatic installation, an existing automated installation and/or testing tool of the Android system connects to the Android user terminal, automatically installs one application or a batch of applications to be tested, and randomly simulates user behaviour to trigger application functions automatically.

Optionally, the Android user terminal is a debuggable smart terminal device: one or more of a mobile phone, a tablet computer and a television.

Further, the data packets sent out by the application that are detected at the Internet, Bluetooth and short-message network egress points are the data packets that an application under test installed on the Android system sends to external Internet addresses by calling the network socket interface functions in the Android core library.

Further, the method of detecting at the Internet, Bluetooth and short-message network egress points whether a data packet carries a label is:

1) In the low-level Android interface functions responsible for sending data packets to the Internet and Bluetooth networks, and in the interface function responsible for sending short messages to external phone numbers, add a module function that compares the identification information of the packet sender, and so intercept the data packets that applications in the batch under test are about to send through those interface functions;

2) Retrieve the category label sets of all types of user data and use string comparison to check whether the data packet contains any category label. If the packet string contains at least one label from the category label set of some type of user data, the packet carries user data of that type.

Further, if the data packet carries user data of that type, the recorded detection result includes: the packet content, the category label carried, the category to which the label belongs, the time the packet was sent, and the name of the application that sent the packet.

Further, an internal Android database tool is used to create a detection result database that stores the detection results.

The present invention also proposes a label-based black-box detection system for Android user privacy leakage, comprising:

A device for creating user privacy data on an Android user terminal and adding category labels to the user privacy data;

A device for installing at least one application to be detected on the Android user terminal and triggering the application to be detected;

A device for detecting, at the Internet, Bluetooth and short-message network egress points, the category labels carried in the data packets the application sends out;

A device for determining the category of the private data from the category labels carried in the data packets and recording the result;

And a type label database and a detection result database.

Beneficial Effects of the Invention

The method of the present invention simply checks the data against the data category labels at the point where the data flow leaves the device. This saves the large amount of time otherwise spent on instruction analysis and taint propagation. It also avoids allocating dedicated memory for taint storage and propagation for the variables in all of the application's instructions, the intermediate variables of computation, and the registers, which saves a large amount of memory overhead.

Description of Drawings

FIG. 1 is a schematic diagram of the architecture of the label-based black-box detection system for Android user privacy leakage according to the present invention.

Detailed Description

The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the accompanying drawings. The described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments that a person skilled in the art obtains from the embodiments of the present invention without creative effort fall within the scope of protection of the present invention. In one embodiment of the present invention, the detection method is as follows:

1) Create the various kinds of user privacy data, carrying category labels, on the Android terminal test machine, and store the category labels in the category label database.

2) Install the applications under test automatically or manually, and trigger application behaviour automatically or manually.

3) At the Internet, Bluetooth and short-message network egress points, detect whether the data packets sent out by the application under test carry labels, and which labels they carry.

4) If a label is detected, record the detection result in the detection result database inside the Android terminal test machine.

5) Testers can view the detection results for one or more applications under test by inspecting the detection result database file, or by using pre-developed detection-result-database reading software installed on the Android terminal test machine.

In one embodiment of the present invention, the Android terminal test machine is a debuggable smart terminal device running the Android operating system, such as a smartphone, tablet or television. The applications under test include applications for Android smartphones, tablets and televisions that are available for free or paid download from Android application markets in China and abroad, as well as Android applications obtained through other channels.

In one embodiment of the present invention, the user data includes the contact list, application list, short message content, SD card text data, log information and GPS location information. The granularity of the user data categories can be defined by the tester. For example, short message content can be treated as one user category, or divided into three: inbox messages, outbox messages and draft messages.

In one embodiment of the present invention, the user privacy data carrying category labels is created on the Android terminal test machine by using an application bundled with Android, an Android market application or a self-developed Android application to edit user data content that carries the category labels and store it on the Android terminal test machine.

A category label is one or more characteristic strings unique to each category of user data. It may take the form of a special phrase or of a meaningless combination of characters.

In another embodiment of the present invention, the category labels are created by using the Contact application bundled with Android to edit several contact entries: "#SecretContact#" is appended to every contact name and every contact phone number is set to "13333333333", so that {"#SecretContact#", "13333333333"} serves as the category label set for contact data.

In one embodiment of the present invention, manually installing the applications under test and triggering application behaviour means that the staff taking part in the detection manually install one application or a batch of applications under test on the Android terminal test machine, then open the installed applications one by one and trigger their various functions as comprehensively as possible.

In one embodiment of the present invention, automatically installing the applications under test and triggering application behaviour means writing computer program scripts that use Android's existing automated installation and testing tools to connect to the Android terminal test machine, automatically install one application or a batch of applications under test, and randomly simulate user behaviour to trigger their various functions automatically.

In another embodiment of the present invention, the data packets sent out through the Internet, Bluetooth and short-message network egress points that need to be detected are the data message packets that an application under test installed on the Android system sends to external Internet addresses, Bluetooth addresses and phone numbers by calling the network socket interface functions in the Android core library.

In one embodiment of the present invention, the method of detecting at the Internet, Bluetooth and short-message network egress points whether a data packet carries a label is:

1) In the interface functions in the low-level Android code files that are responsible for sending data packets to the Internet and Bluetooth networks, and in the interface function responsible for sending short messages to external phone numbers, add a module function that compares the identification information of the packet sender, and so intercept the data packets that applications in the batch under test are about to send through those interface functions;

2) Retrieve the category label sets of all types of user data and use string comparison to check whether the data packet contains any category label. If the packet string contains at least one label from the category label set of some type of user data, the packet carries user data of that type.

The detection result database may be implemented by, but is not limited to, creating it in advance with the sqlite database tool built into Android.
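An off-device model of the egress check and result recording described above, added here as an illustration and not taken from the patent: the function names, table schema, package names and the SMS and SD-card labels are assumptions, while the contact labels are the ones the description gives. The last constructed packet shows that plain string comparison finds nothing once the payload is encoded.

```python
import base64
import sqlite3
import time

# Category label sets. The contact labels are those given in the description;
# the SMS and SD-card labels are constructed for this example.
LABEL_SETS = {
    "contacts": {"#SecretContact#", "13333333333"},
    "sms": {"#SecretSms#"},
    "sdcard_text": {"#SecretSdFile#"},
}

# Constructed packet: labelled contact data after Base64 encoding.
ENCODED_PACKET = base64.b64encode(b"Alice#SecretContact#")


def open_results_db(path=":memory:"):
    """Create the detection result database (hypothetical schema)."""
    db = sqlite3.connect(path)
    db.execute(
        "CREATE TABLE IF NOT EXISTS leaks ("
        "app TEXT, channel TEXT, category TEXT, label TEXT, "
        "sent_at REAL, payload BLOB)"
    )
    return db


def match_labels(payload, label_sets=LABEL_SETS):
    """String comparison: sorted (category, label) pairs found in payload."""
    hits = []
    for category, labels in label_sets.items():
        for label in labels:
            if label.encode("utf-8") in payload:
                hits.append((category, label))
    return sorted(hits)


def inspect_egress(db, under_test, app, channel, payload, sent_at=None):
    """Model of the egress hook: filter by sender, match labels, record hits."""
    if app not in under_test:  # sender is not in the batch under test
        return []
    hits = match_labels(payload)
    stamp = time.time() if sent_at is None else sent_at
    db.executemany(
        "INSERT INTO leaks VALUES (?, ?, ?, ?, ?, ?)",
        [(app, channel, cat, label, stamp, payload) for cat, label in hits],
    )
    db.commit()
    return hits


def leaked_categories(db, app):
    """Categories of private data the given application was seen sending."""
    rows = db.execute(
        "SELECT DISTINCT category FROM leaks WHERE app = ? ORDER BY category",
        (app,),
    )
    return [row[0] for row in rows]


def run_demo():
    """Feed constructed packets through the hook and summarise the result."""
    db = open_results_db()
    under_test = {"com.example.flashlight"}  # constructed package name
    packets = [
        ("com.example.flashlight", "internet",
         b'{"name":"Alice#SecretContact#","tel":"13333333333"}'),
        ("com.example.flashlight", "sms", b"backup: hello #SecretSms#"),
        # Sender not under test: ignored even though it carries a label.
        ("com.example.other", "internet", b"Bob#SecretContact#"),
        # Encoded payload: the label is no longer present as a substring.
        ("com.example.flashlight", "internet", ENCODED_PACKET),
    ]
    for app, channel, payload in packets:
        inspect_egress(db, under_test, app, channel, payload)
    total = db.execute("SELECT COUNT(*) FROM leaks").fetchone()[0]
    return leaked_categories(db, "com.example.flashlight"), total


if __name__ == "__main__":
    print(run_demo())
```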

FIG. 1 is a schematic diagram of the architecture of the label-based black-box detection system for Android user privacy leakage of the present invention. The system comprises a test front end and a test back end. The test front end runs on the Android terminal test machine and comprises a data egress monitoring component, a detection result database writing component, and two databases: the type label database and the detection result database. The data egress monitoring component intercepts outgoing network data packets and checks whether they carry any type label recorded in the type label database. The detection result database writing component writes the packets found to carry labels, together with their related information, into the detection result database.

The test back end runs on a computer connected to the Android terminal test machine through the USB debugging interface. It mainly comprises a type label writing component, an automated installation and debugging script component, and a detection result data reading component. The type label writing component lets testers store pre-edited type label sets in the type label database on the test terminal, and the detection result database reading component can read, query and display detection results from the detection result database on the terminal test machine.

A specific example of the present invention is given below to describe its technical solution clearly and completely. The described example is only one of the examples of the present invention, not all of its embodiments. All other embodiments that a person skilled in the art obtains from the embodiments of the present invention without creative effort fall within the scope of protection of the present invention.

This example describes how a tester creates user privacy data carrying category labels on the test terminal for the contact list, SMS, IMEI device number, GPS location and SD card files, and detects whether a given application leaks user privacy data of these categories, as shown in Table 1:

1) The tester starts the test terminal and connects it to the test computer that can send commands to it.

2) The tester creates user privacy data carrying category labels for the contact list, SMS, IMEI device number, GPS location and SD card files:

3) The tester invokes the type label writing component to write the above type labels into the type label database on the test terminal.

4) The tester invokes a script to install a batch of specified software under test on the test terminal and automatically trigger its various behaviours.

5) If, while its behaviour is being triggered, the batch of software sends data packets to external Internet addresses, the packets are intercepted at the low level and checked for the pre-set type labels. If a packet carries one, it is recorded in the database.

6) After the automatic trigger script has finished and stopped running, the tester can view the privacy leakage report for the software under test by starting the detection result database reading component on the test back-end computer.

Table 1


Claims (10)

1. A label-based black-box detection method for Android user privacy leakage, the steps of which are:
1) create user privacy data on an Android user terminal and add category labels to the user privacy data;
2) install at least one application to be detected on the Android user terminal and trigger the application to be detected;
3) at the data egress, detect the category labels carried in the data packets the application sends out;
4) determine the category of the private data from the category labels carried in the data packets.
2. The label-based black-box detection method for Android user privacy leakage according to claim 1, characterized in that the network egress is one or more of the Internet, Bluetooth and short message.
3. The label-based black-box detection method for Android user privacy leakage according to claim 1, characterized in that the user privacy data is set by the user as one or a combination of: contact list, application list, short message content, SD card text data, log information, GPS location information, operating system type and IMEI device number.
4. The label-based black-box detection method for Android user privacy leakage according to claim 1, characterized in that the category label consists of one or more encoded strings set according to the type of user privacy data.
5. The label-based black-box detection method for Android user privacy leakage according to claim 1, characterized in that the application to be detected is installed manually or automatically:
in manual installation, a tester manually installs one application or a batch of applications to be tested on the Android terminal and opens the installed applications one by one;
in automatic installation, an existing automated installation and/or testing tool of the Android system connects to the Android user terminal, automatically installs one application or a batch of applications to be tested, and randomly simulates user behaviour to trigger application functions automatically.
6. The label-based black-box detection method for Android user privacy leakage according to claim 1, characterized in that the Android user terminal is a debuggable smart terminal: one or more of a mobile phone, a tablet computer and a television.
7. The label-based black-box detection method for Android user privacy leakage according to claim 2, characterized in that the data packets sent out by the application that are detected at the Internet, Bluetooth or short-message network egress are the data message packets that an application under test installed on the Android system sends to external Internet addresses, Bluetooth addresses and external phone numbers by calling the network socket interface functions in the Android core library or the short-message sending interface function of the frameworks layer.
8. The label-based black-box detection method for Android user privacy leakage according to claim 7, characterized in that the method of detecting at the Internet, Bluetooth and short-message network egress points whether a data packet carries a label is:
1) at the Android core library layer, intercept the data packets that the network socket interface functions called by upper-layer applications or system components are about to send to external Internet addresses or Bluetooth addresses; at the Android framework layer, intercept the short-message data packets that the short-message sending interface function called by upper-layer applications or system components is about to send to external phone numbers;
2) retrieve the category label sets of all types of user data and use string comparison to check whether the data packet contains any category label; if the packet string contains at least one label from the category label set of some type of user data, the packet carries user data of that type.
9. The label-based black-box detection method for Android user privacy leakage according to claim 7, characterized in that, if the data packet carries user data of that type, the recorded detection result includes: the packet content, the category label carried, the category to which the label belongs, the time the packet was sent, and the name of the application that sent the packet.
10. the Android privacy of user based on label is revealed the black box detection system, comprising:
Be used for the Android user terminal is created the privacy of user data and class label added to the device of described privacy of user data;
Be used at the Android user terminal device that is no less than an application program to be detected and triggers described application program to be detected being installed;
Device for the class label that carries at the outside packet that sends of the described application program of data outlet detection;
The class label that is used for carrying according to described packet is judged the private data classification, record result's device;
And type label database and testing result database.
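The label matching of claim 8 step 2 and the result record of claim 9, sketched in Python as an added example (not code from the patent). The label strings, package names and packets are constructed; the percent-decoded and base64-decoded views, and the `channel` and `encoding` fields, are assumptions that go beyond the claim's plain string comparison.

```python
import base64
import binascii
import re
from dataclasses import dataclass
from datetime import datetime, timezone
from urllib.parse import unquote_to_bytes

# Constructed class labels (claim 4): one or more code strings per data type,
# planted in the test device's contacts, SMS store, etc. before the run.
LABELS = {
    "contacts": [b"TAGCT7f3a", b"TAGCT91bd"],
    "sms_content": [b"TAGSM2c8e"],
    "imei": [b"TAGIM55d0"],
}

@dataclass
class Finding:  # fields follow claim 9; channel and encoding are additions
    app: str
    channel: str
    category: str
    label: str
    encoding: str
    sent_at: str
    content: bytes

def views(payload: bytes):
    """Return (encoding, bytes) views of the packet to search for labels."""
    out = [("raw", payload), ("percent", unquote_to_bytes(payload))]
    for token in re.findall(rb"[A-Za-z0-9+/]{8,}={0,2}", payload):
        try:
            out.append(("base64", base64.b64decode(token, validate=True)))
        except (binascii.Error, ValueError):
            pass  # token is not valid base64; skip it
    return out

def inspect(app, channel, payload, now=None):
    """Claim 8 step 2: substring-compare every label against the packet."""
    sent_at = (now or datetime.now(timezone.utc)).isoformat()
    candidates = views(payload)
    findings = []
    for category, labels in LABELS.items():
        for label in labels:
            hit = next((enc for enc, data in candidates if label in data), None)
            if hit:
                findings.append(Finding(app, channel, category,
                                        label.decode(), hit, sent_at, payload))
    return findings

# Constructed packets, as they might be captured at the three egress points.
SAMPLE_PACKETS = [
    ("com.example.flashlight", "internet", b"POST /c HTTP/1.1\r\n\r\nid=TAGIM55d0&v=2"),
    ("com.example.flashlight", "internet",
     b'{"blob":"' + base64.b64encode(b"Li Lei,TAGCT7f3a") + b'"}'),
    ("com.example.notes", "sms", b"hello, see you at 8"),
    ("com.example.notes", "bluetooth", b"q=%54AGSM2c8e"),
]
```

A label that an application encrypts or compresses before sending will not match any of these views, so a clean run is not proof that no leak occurred.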
CN201310234043.1A 2013-06-13 2013-06-13 Label-based black box detection method and system for privacy disclosure of Android user Expired - Fee Related CN103309808B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201310234043.1A CN103309808B (en) 2013-06-13 2013-06-13 Label-based black box detection method and system for privacy disclosure of Android user
PCT/CN2014/077139 WO2014198171A1 (en) 2013-06-13 2014-05-09 Label based black box testing method and system for android user privacy leaks

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310234043.1A CN103309808B (en) 2013-06-13 2013-06-13 Label-based black box detection method and system for privacy disclosure of Android user

Publications (2)

Publication Number Publication Date
CN103309808A true CN103309808A (en) 2013-09-18
CN103309808B CN103309808B (en) 2016-06-15

Family

ID=49135055

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310234043.1A Expired - Fee Related CN103309808B (en) 2013-06-13 2013-06-13 Label-based black box detection method and system for privacy disclosure of Android user

Country Status (2)

Country Link
CN (1) CN103309808B (en)
WO (1) WO2014198171A1 (en)

Cited By (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014198171A1 (en) * 2013-06-13 2014-12-18 华为技术有限公司 Label based black box testing method and system for android user privacy leaks
CN104579831A (en) * 2014-12-26 2015-04-29 北京网秦天下科技有限公司 Data transmission processing method and device
WO2015067170A1 (en) * 2013-11-06 2015-05-14 中国银联股份有限公司 Method and system for analyzing android application program
CN105069374A (en) * 2015-08-06 2015-11-18 上海斐讯数据通信技术有限公司 Private data intercepting protection method and system
CN105335593A (en) * 2014-06-27 2016-02-17 阿里巴巴集团控股有限公司 Method and device for detecting significance of variables in black box model
CN105354118A (en) * 2015-10-27 2016-02-24 广东欧珀移动通信有限公司 Method, apparatus and system for automatically testing intelligent terminal
CN105721477A (en) * 2016-02-25 2016-06-29 上海斐讯数据通信技术有限公司 IPTABLES-based privacy leak control method and system for mobile terminal
CN105827644A (en) * 2016-05-17 2016-08-03 努比亚技术有限公司 Method and terminal for processing cipher information
CN103984900B (en) * 2014-05-19 2017-03-01 南京赛宁信息技术有限公司 Android application leak detection method and system
CN106778255A (en) * 2016-11-24 2017-05-31 工业和信息化部电信研究院 Credible performing environment isolation detection method and device based on internal memory traversal
CN106803028A (en) * 2017-01-18 2017-06-06 西安电子科技大学 A kind of method for preventing Android mobile phone short message verification code to be stolen
US9721094B2 (en) 2015-05-20 2017-08-01 International Business Machines Corporation Determining privacy leaks
CN107038372A (en) * 2016-11-14 2017-08-11 平安科技(深圳)有限公司 Leaking data interface detection method and device
CN110737887A (en) * 2019-10-22 2020-01-31 厦门美图之家科技有限公司 Malicious code detection method and device, electronic equipment and storage medium
CN111382424A (en) * 2018-12-27 2020-07-07 全球能源互联网研究院有限公司 Mobile application sensitive behavior detection method and system based on controlled environment
CN111818492A (en) * 2020-05-20 2020-10-23 上海橙群微电子有限公司 Bluetooth beacon and data transmission method and readable storage medium thereof
CN111967047A (en) * 2020-08-18 2020-11-20 中国银行股份有限公司 Personal information protection method, device and system based on big data matching
CN112182581A (en) * 2020-09-24 2021-01-05 百度在线网络技术(北京)有限公司 Application testing method and device, application testing equipment and storage medium
CN112417506A (en) * 2020-11-26 2021-02-26 北京指掌易科技有限公司 A privacy data monitoring method, device, electronic device and storage medium
CN112487415A (en) * 2020-12-09 2021-03-12 华控清交信息科技(北京)有限公司 Method and device for detecting safety of computing task
CN113535539A (en) * 2020-04-22 2021-10-22 网易(杭州)网络有限公司 Debugging method, device, device and storage medium in game editing

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101610396A (en) * 2008-06-16 2009-12-23 北京智安邦科技有限公司 Intellective video monitoring device module and system and method for supervising thereof with secret protection
WO2011001304A1 (en) * 2009-06-30 2011-01-06 Nokia Corporation A method and an apparatus for tracing software
CN102413221A (en) * 2011-11-24 2012-04-11 中兴通讯股份有限公司 Method for protecting privacy information and mobile terminal
CN102810143A (en) * 2012-04-28 2012-12-05 天津大学 System and method for security detection of mobile phone applications based on Android platform

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103327183B (en) * 2013-06-13 2015-05-20 中国科学院信息工程研究所 Black box protecting method and system for private data of Android user based on tag
CN103309808B (en) * 2013-06-13 2016-06-15 华为技术有限公司 Label-based black box detection method and system for privacy disclosure of Android user
CN103729595B (en) * 2014-01-02 2016-08-17 东南大学 A kind of Android application program private data leakage off-line checking method

Cited By (30)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014198171A1 (en) * 2013-06-13 2014-12-18 华为技术有限公司 Label based black box testing method and system for android user privacy leaks
WO2015067170A1 (en) * 2013-11-06 2015-05-14 中国银联股份有限公司 Method and system for analyzing android application program
CN103984900B (en) * 2014-05-19 2017-03-01 南京赛宁信息技术有限公司 Android application leak detection method and system
CN105335593A (en) * 2014-06-27 2016-02-17 阿里巴巴集团控股有限公司 Method and device for detecting significance of variables in black box model
CN104579831A (en) * 2014-12-26 2015-04-29 北京网秦天下科技有限公司 Data transmission processing method and device
US9721094B2 (en) 2015-05-20 2017-08-01 International Business Machines Corporation Determining privacy leaks
CN105069374A (en) * 2015-08-06 2015-11-18 上海斐讯数据通信技术有限公司 Private data intercepting protection method and system
CN105069374B (en) * 2015-08-06 2018-02-13 上海斐讯数据通信技术有限公司 A kind of private data intercepts guard method and system
CN105354118B (en) * 2015-10-27 2019-09-13 Oppo广东移动通信有限公司 Automatic testing method, device and system for intelligent terminal
CN105354118A (en) * 2015-10-27 2016-02-24 广东欧珀移动通信有限公司 Method, apparatus and system for automatically testing intelligent terminal
CN105721477A (en) * 2016-02-25 2016-06-29 上海斐讯数据通信技术有限公司 IPTABLES-based privacy leak control method and system for mobile terminal
CN105721477B (en) * 2016-02-25 2019-11-01 上海斐讯数据通信技术有限公司 The method and system of the control privacy compromise based on IPTABLES of mobile terminal
CN105827644A (en) * 2016-05-17 2016-08-03 努比亚技术有限公司 Method and terminal for processing cipher information
WO2018086293A1 (en) * 2016-11-14 2018-05-17 平安科技(深圳)有限公司 Method and apparatus for detecting data leakage interface, device, and storage medium
CN107038372A (en) * 2016-11-14 2017-08-11 平安科技(深圳)有限公司 Leaking data interface detection method and device
CN106778255A (en) * 2016-11-24 2017-05-31 工业和信息化部电信研究院 Credible performing environment isolation detection method and device based on internal memory traversal
CN106803028B (en) * 2017-01-18 2019-08-30 西安电子科技大学 A method to prevent Android phone text message verification code from being stolen
CN106803028A (en) * 2017-01-18 2017-06-06 西安电子科技大学 A kind of method for preventing Android mobile phone short message verification code to be stolen
CN111382424A (en) * 2018-12-27 2020-07-07 全球能源互联网研究院有限公司 Mobile application sensitive behavior detection method and system based on controlled environment
CN110737887A (en) * 2019-10-22 2020-01-31 厦门美图之家科技有限公司 Malicious code detection method and device, electronic equipment and storage medium
CN113535539B (en) * 2020-04-22 2023-07-25 网易(杭州)网络有限公司 Method, device, equipment and storage medium for debugging in game editing
CN113535539A (en) * 2020-04-22 2021-10-22 网易(杭州)网络有限公司 Debugging method, device, device and storage medium in game editing
CN111818492A (en) * 2020-05-20 2020-10-23 上海橙群微电子有限公司 Bluetooth beacon and data transmission method and readable storage medium thereof
CN111818492B (en) * 2020-05-20 2024-05-24 上海橙群微电子有限公司 Bluetooth beacon, data transmission method thereof, and readable storage medium
CN111967047A (en) * 2020-08-18 2020-11-20 中国银行股份有限公司 Personal information protection method, device and system based on big data matching
CN112182581A (en) * 2020-09-24 2021-01-05 百度在线网络技术(北京)有限公司 Application testing method and device, application testing equipment and storage medium
CN112182581B (en) * 2020-09-24 2023-10-13 百度在线网络技术(北京)有限公司 Application testing method, device, application testing equipment and storage medium
CN112417506A (en) * 2020-11-26 2021-02-26 北京指掌易科技有限公司 A privacy data monitoring method, device, electronic device and storage medium
CN112487415A (en) * 2020-12-09 2021-03-12 华控清交信息科技(北京)有限公司 Method and device for detecting safety of computing task
CN112487415B (en) * 2020-12-09 2023-10-03 华控清交信息科技(北京)有限公司 Method and device for detecting security of computing task

Also Published As

Publication number Publication date
CN103309808B (en) 2016-06-15
WO2014198171A1 (en) 2014-12-18

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 518129 Bantian HUAWEI headquarters office building, Longgang District, Guangdong, Shenzhen

Applicant after: Huawei Technologies Co., Ltd.

Applicant after: Institute of Information Engineering, CAS

Address before: 100093 Beijing city Haidian District minzhuang Road No. 89

Applicant before: Institute of Information Engineering, CAS

Applicant before: Huawei Technologies Co., Ltd.

COR Change of bibliographic data
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20160615

Termination date: 20170613