android 测试 动态触发intent,基于静态污点分析的Android 应用Intent 注入漏洞检测方法 - 计算机科学.PDF...

基于静态污点分析的Android 应用Intent 注入漏洞检测方法 - 计算机科学

第 43 卷第9 期 计算机科学 Vo1. 43 No.9

2016 年 9 月 Computer Science Sep 2016

基于静态污点分析的 Android 应用 Intent 注入漏洞检测方法

王允超魏强武泽慧

(解放军信息工程大学 郑州1 45000 1) (数学工程与先进计算国家重点实验室 郑州，1 45000 1)

摘 要 针对Android 应用程序纽件间通信过程中的消息载体 Intent 有可能被攻击者构造进而引发纽件被恶意注入

的安全风险问题，提出了一种基于静态污点分析的检测方法。在构建Android 应用的函数调用图和控制流图的基础

上，通过跟踪应用纽件内和纽件间不可信 Intent 消息的污点传播过程，检测应用中潜在的 Intent 注入漏洞。用该方法

对4 类标准测试应用和 50 款第二方应用进行测试，实验结果表明了该方法的可行性和有效性。

关键词 Android，静态污点分析，函数调用图，控制流图，Intent 注入漏洞

中圄法分类号 TP309 文献标识码 A DOI 10. 11896/j. issn. 1002-137X. 2016. 9. 038

Approach of Android Applications Intent Injection Vulnerability Detection ßased on Static Taint Analysis

WANG Yun-chao WEI Qiang "而 Ze-hui

(PLA Infonnation Engineering University ,Zhengzhou 450001 ,China)

(State Key Laboratory of Mathematical Engineering and Advanced Computing ,Zhengzhou 450001 ,China)

Abstract As a message carrier in the process of component communication of Android application ,Intent can be mal

formed by an attacker ,leading to security risk of malicious component injection. A detection approach based on static

taint analysis was presented. On the basis of building call graph and control flow graph of Android application ,by tracking

the taint propagation with in and between components ,the potential Intent injection vulnerability can be detected. This

method is used to test four types of benchmark and fifty third-party applications ,and the experimental results show the

feasibility and effectiveness of the proposed approach.

Keywords Android , Static taint analysis ,Call graph ,Control flow graph , Intent injection vulnerability