CN104484607A - Universal method and universal system for performing safety testing on Android application programs - Google Patents

Universal method and universal system for performing safety testing on Android application programs

Publication number: CN104484607A
Application number: CN201410781145.XA
Authority: CN (China)
Legal status: Pending
Original language: Chinese (zh)
Prior art keywords: code, program, tested, universal method, safety
Inventors: 张媛媛, 杨文博, 束骏亮, 李卷孺, 谷大武
Original and current assignee: SJTU ZHONGYUAN RESEARCH INSTITUTE; Shanghai Jiaotong University
Application filed by SJTU ZHONGYUAN RESEARCH INSTITUTE and Shanghai Jiaotong University; priority to CN201410781145.XA; published as CN104484607A.

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577 Assessing vulnerabilities and evaluating computer system security

Abstract

The invention discloses a universal method and a universal system for performing security testing on Android application programs. The method comprises the following steps: unpacking and decompiling the program under test to obtain XML (extensible markup language) source code; then, through static analysis of the configuration files and code of the program under test, performing vulnerability detection and security testing for component exposure vulnerabilities, cryptographic misuse, webview code execution vulnerabilities and code protection; then actually running the program under test and configuring a network detection environment; and finally performing dynamic analysis, with dynamic vulnerability detection and security testing in the three aspects of information leakage, data transmission security and data storage security, thereby obtaining a vulnerability detection and security test report. By applying the combined static and dynamic analysis of the method and system to any Android application program, through a series of detection and assessment steps, the security flaws and potential security hazards present in the design and implementation of the application program can finally be reported.

Description

Universal method and system for security testing of Android applications
Technical field
The present invention relates to a technology in the field of information security, specifically a method and system for performing security testing on Android application programs.
Background technology
With the development of the mobile Internet and the spread of smart devices, the number of application programs of all kinds based on the Android system has grown explosively, and security problems in Android applications themselves have increased accordingly. Because the skill level of Android application developers is uneven, developers follow no unified coding standard, developers' own security awareness is relatively weak, and the Android platform itself continually produces 0-day vulnerabilities, Android applications end up with all sorts of vulnerabilities and are easily subjected to all kinds of attacks.
On one hand, Android applications need to process various kinds of user data: banking applications handle the user's sensitive online-banking information, messaging applications handle sensitive data relating to the user's privacy, and so on. If such data cannot be used and processed correctly and safely, the user's interests suffer. On the other hand, each application itself also faces threats from outside: malicious programs on the Android platform emerge endlessly, and reverse engineering and cracking are relatively easy, so any small security oversight or mistake in an application is likely to be exploited, harming the developer's own interests, for example through copyright infringement or a cracked algorithm.
What is currently lacking is a general, holistic approach and workflow for security testing of Android applications, that is, a general method that can be applied to all kinds of applications and covers security checks in many aspects, so that released applications are protected from the many vulnerabilities and attacks that harm developers and users.
A search of the prior art found Chinese patent CN101393521, published (announced) on 2009.03.25, which discloses a system in the field of software analysis and information security technology for extracting data hard-coded inside Windows applications. An executable-file type identification module identifies the format, development language and protection type of the executable; an anti-protection module strips shell protection from protected executables; a code analysis module disassembles and decompiles the executable, collects higher-level-language code, and obtains structure and logic information; a cryptographic analysis module identifies the cryptographic algorithm used when fixed data in the executable is stored in encrypted form; and a debugging and information-extraction module inspects the program's internal state while it runs and extracts information from that intermediate process. This technology can effectively extract and analyse fixed data in a program and report how it was produced together with the raw information. However, it can only process applications for the Windows platform, it is mainly aimed at extracting internal information such as the application's structure, logic and cryptographic algorithms, and it cannot report on the potential security hazards in the application's implementation or produce test results concerning application security vulnerabilities.
Chinese patent CN103746992A, published (announced) on 2014.04.23, discloses a reverse-engineering-based intrusion detection system and method. The system comprises a data extraction module, a reverse analysis module, an intrusion rule module, a response module and a data management module. The method comprises: 1. the data extraction module captures all network packets passing through the Android phone and sends them to the reverse analysis engine, obtains network processes and user behaviour, and generates system logs and network logs which it sends to the data management module; 2. the reverse analysis engine identifies intrusion behaviour through TCP/IP protocol analysis and apk decompilation, combined with the system logs and network logs; 3. the response module raises alerts on, and records, the intrusion behaviour identified by the reverse analysis engine; 4. all user information can be kept in the data management module for later forensic lookup. This technology is secure, timely, extensible and advanced. However, the system mainly detects intrusion behaviour against the program and the device by analysing network traffic and program code; it cannot assess and detect the vulnerabilities and security flaws of the application itself.
Chinese patent CN102831342A, published (announced) on 2012.12.19, discloses a method for improving the protection strength of applications on the Android system, comprising the steps of: creating a secure virtual machine, which executes second code instructions corresponding to the first code instructions of the application; creating a mapping table between the first code instructions executed by the Dalvik virtual machine and the second code instructions executed by the secure virtual machine; converting the first code instructions in the application into second code instructions according to the mapping table; deleting the first code instructions from the application and changing the calls to the deleted first code instructions into native calls; creating a native call interface; and, when the first code instructions in the application need to be executed, having the Dalvik virtual machine execute the native call interface, which calls the secure virtual machine to execute the second code instructions. This technology strongly protects the original code and greatly increases the difficulty of cracking and reverse engineering the program, but it does not test or assess the program's security flaws and vulnerabilities in substance; it merely makes potential vulnerabilities harder to find and exploit.
Summary of the invention
In view of the above shortcomings of the prior art, the present invention proposes a universal method and system for Android application security testing which, by combining static and dynamic analysis and applying a series of detection and assessment steps to any Android application, can ultimately report the security flaws and hidden dangers present in the application's own design and implementation.
The present invention is achieved by the following technical solution:
The present invention relates to a universal method for Android application security testing, comprising the following steps:
1) Unpack and decompile the program under test to obtain XML source code; the specific steps are:
1.1 Decompress the apk package and extract the executable file, the Android main manifest file and the resource files it contains.
1.2 Decompile the dex executable file to obtain smali code or Java code.
1.3 Decode the main manifest file Manifest.xml and the other resource files to obtain plain-text XML source code.
2) Statically analyse the configuration files and code of the program under test, performing static vulnerability detection and security testing for component exposure vulnerabilities, cryptographic misuse, webview code execution vulnerabilities and code protection; the specific steps are:
2.1 Scan the manifest file obtained in the first step and detect component exposure vulnerabilities by analysing the attribute values of each component.
2.2 Scan the decompiled code of the dex executable obtained in the first step and detect cryptographic misuse by analysing parameters of the encryption functions such as the message being encrypted, the cryptographic algorithm and the encryption key.
2.3 Scan the decompiled code of the dex executable obtained in the first step and detect whether a webview code execution vulnerability exists by analysing the specific vulnerable function call interfaces the webview uses.
2.4 Attempt to repackage the application and judge whether it has anti-repackaging protection; scan the decompiled code of the dex executable obtained in the first step and judge whether the application has code obfuscation protection.
3) Actually run the program under test and configure the network testing environment; the specific steps are:
3.1 Install the program under test on a physical device and run it;
3.2 Connect the physical device to the analysis host by USB and enable the USB debugging option on the device;
3.3 Configure the network so that the analysis host can capture the network traffic of the program under test.
The capture uses, but is not limited to:
A) Having the physical device connect to a wireless access point (WAP) set up by the analysis host, setting the proxy server of the WIFI access point on the device to the analysis host, and enabling the proxy service on the analysis host; or
B) Running network monitoring software on the analysis host to monitor the data the program under test sends and receives over the network.
4) Perform dynamic analysis, namely dynamic vulnerability detection and security testing in the three aspects of information leakage, data transmission security and data storage security; the specific steps are:
4.1 Use the program under test normally and, while it runs, read over the USB connection to the analysis host the log information the program prints on the device, judging whether sensitive information such as encryption algorithm keys, the plaintext of communication packets that should be encrypted, or user-privacy data such as contacts and messages is leaked;
4.2 Use the program under test normally and, with the network monitoring on the analysis host, capture its network communication data, analysing during operation whether its network communication and transmission is in plaintext and whether the transmitted ciphertext can be broken;
4.3 Use the program under test normally and, during operation, analyse whether the data and files it stores can be read, written or executed by others, to judge the security of its data storage.
All of the above vulnerabilities may lead to theft, leakage or decryption of the application's sensitive and confidential data and information, and may further cause risks such as leakage and abuse of permissions and functions, theft of copyright and breaking of cryptographic protocols.
5) Produce a vulnerability detection and security test report, the content of which comprises: the list of exposed application components; the list of code fragments in the application with cryptographic misuse; the list of code fragments in the application with webview code execution vulnerabilities; the judgement of whether anti-repackaging protection and code obfuscation have been applied; the list of leaked sensitive information; whether communication data is encrypted and, if SSL is used for the encryption, whether certificate pinning and correct certificate verification are implemented; and whether stored data can be obtained by third parties without authorisation.
Technical effect
Compared with the prior art, the present invention, by combining static analysis with dynamic analysis, can test for and detect the attacks and risks an application may face in their various aspects more accurately and comprehensively. Because there is at present no general and complete testing workflow and method for the security of an arbitrary Android application, using the present invention an arbitrary Android application can be completely assessed for the security flaws and vulnerabilities in its implementation and design, covering component vulnerabilities in the code, cryptographic misuse, webview vulnerabilities, data transmission, data storage, information leakage, program protection and other aspects. Using the method of the present invention, detection of data storage, data transmission and information leakage is more accurate and effectively reduces the false-positive rate, while detection of component vulnerabilities, webview code execution vulnerabilities and cryptographic misuse reduces the false-negative rate and finds potential security hazards.
Brief description of the drawings
Fig. 1 is a schematic diagram of the test in the embodiment.
Embodiment
The embodiments of the invention are described in detail below. The present embodiment is implemented on the premise of the technical solution of the invention and gives a detailed implementation and concrete operating procedure, but the scope of protection of the invention is not limited to the following embodiment.
Embodiment 1
As shown in Fig. 1, the present embodiment comprises the following steps:
1) Unpack the program under test and decompile it: use an Android reverse-engineering tool such as apktool or jeb to decompile the dex code and decode the Android manifest.xml configuration file.
2) On the decompiled code and the decoded configuration file, perform security detection in four aspects using static analysis methods:
2.1) Component exposure: scan the components in the manifest file. A component whose exported attribute is set to true, a component with no exported attribute that has an intent-filter, and a provider with no exported attribute whose sdkVersion is set to 16 or lower are all considered exposed.
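The three exposure rules of step 2.1 as a script over a decoded manifest. This is an added example, not code from the patent; the manifest text is constructed for the demonstration, and the third rule reads the page's "sdkVersion" as either minSdkVersion or targetSdkVersion, which is how the platform defines the provider default.

```python
"""Component-exposure scan over a decoded AndroidManifest.xml (rule 2.1).
Added example, not code from the patent; SAMPLE_MANIFEST is constructed."""
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
COMPONENT_TAGS = ("activity", "service", "receiver", "provider")

# Constructed manifest: one component per exposure rule, plus two that must
# not be reported (exported="false" with a filter; no filter, no attribute).
SAMPLE_MANIFEST = """\
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.demo">
  <uses-sdk android:minSdkVersion="14" android:targetSdkVersion="19"/>
  <application android:label="demo">
    <activity android:name=".MainActivity">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
      </intent-filter>
    </activity>
    <service android:name=".UploadService" android:exported="true"/>
    <receiver android:name=".InternalReceiver" android:exported="false">
      <intent-filter>
        <action android:name="com.example.demo.PING"/>
      </intent-filter>
    </receiver>
    <provider android:name=".DataProvider"
              android:authorities="com.example.demo.data"/>
    <activity android:name=".HiddenActivity"/>
  </application>
</manifest>
"""


def _attr(elem, name):
    """Read an android:-namespaced attribute, or None when absent."""
    return elem.get("{%s}%s" % (ANDROID_NS, name))


def sdk_versions(root):
    """Return (minSdkVersion, targetSdkVersion) as ints; None when undeclared."""
    uses_sdk = root.find("uses-sdk")
    if uses_sdk is None:
        return (None, None)
    out = []
    for name in ("minSdkVersion", "targetSdkVersion"):
        value = _attr(uses_sdk, name)
        out.append(int(value) if value is not None and value.isdigit() else None)
    return tuple(out)


def exposed_components(manifest_xml):
    """Return (tag, name, reason) for every component the page's rules call exposed:
    1. android:exported="true";
    2. no exported attribute but an <intent-filter> (platform default is exported);
    3. a <provider> with no exported attribute and a declared SDK version <= 16."""
    root = ET.fromstring(manifest_xml)
    low_sdk = any(v is not None and v <= 16 for v in sdk_versions(root))
    findings = []
    for tag in COMPONENT_TAGS:
        for comp in root.iter(tag):
            name = _attr(comp, "name")
            exported = _attr(comp, "exported")
            if exported == "true":
                findings.append((tag, name, "exported=true"))
            elif exported is None and comp.find("intent-filter") is not None:
                findings.append((tag, name, "intent-filter without exported attribute"))
            elif exported is None and tag == "provider" and low_sdk:
                findings.append((tag, name, "provider with sdkVersion <= 16 and no exported attribute"))
    return findings


if __name__ == "__main__":
    for tag, name, reason in exposed_components(SAMPLE_MANIFEST):
        print("%-9s %-18s %s" % (tag, name, reason))
```

Run against the real file produced by apktool decoding; the receiver with exported="false" is correctly left out even though it declares a filter, and raising minSdkVersion above 16 drops the provider from the list.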
2.2) Cryptographic misuse: define a set of rules for cryptographic usage, e.g. the IV of CBC mode must be random, ECB mode should not be used, and so on. Scan the statically decompiled source code for a series of Java encryption functions such as Cipher.doFinal and the KeySpec initialisation functions, and check the parameter values of these functions to judge whether the code violates the rules.
2.3) Webview code execution vulnerability: if the statically decompiled code uses the addJavascriptInterface method and manifest.xml defines targetSdkVersion as 16 or lower, this vulnerability exists.
2.4) Code protection: repackage the application with the apktool and signapk tools and run it again; if the repackaged application runs successfully, it has no anti-repackaging protection, and if it fails to run, the program has anti-repackaging protection. If the variable names, method names and class names of the key decompiled code have not been replaced by meaningless names such as a, b, c, d, the code has not been obfuscated.
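Steps 2.2, 2.3 and the obfuscation half of 2.4 all scan the same decompiled Java, so one added script covers them. It is an added example, not code from the patent: the two source snippets are constructed decompiler output, the pattern list is one concrete reading of the page's rules, the 50% short-name threshold is an assumed cut-off, and target_sdk_version is assumed to have been read from the decoded manifest.

```python
"""Static scan of decompiled Java for crypto misuse (2.2), the WebView bridge
check (2.3) and the obfuscation heuristic (2.4). Added example, not patent
code; SAMPLE_SOURCES and OBFUSCATED_SOURCES are constructed."""
import re

# Rule 2.2, applied line by line. Cipher.getInstance("AES") with no mode
# defaults to ECB in the Java crypto API, so it is reported like explicit ECB.
CRYPTO_RULES = [
    ("ECB mode requested",
     re.compile(r'Cipher\.getInstance\(\s*"[^"]*/ECB/')),
    ("cipher requested without mode (defaults to ECB)",
     re.compile(r'Cipher\.getInstance\(\s*"(?:AES|DES|DESede|Blowfish)"\s*\)')),
    ("static IV passed to IvParameterSpec",
     re.compile(r'new IvParameterSpec\(\s*(?:"[^"]*"\.getBytes\(|new byte\[\]\s*\{)')),
    ("hard-coded key passed to SecretKeySpec",
     re.compile(r'new SecretKeySpec\(\s*(?:"[^"]*"\.getBytes\(|new byte\[\]\s*\{)')),
]
ADD_JS_INTERFACE = re.compile(r"\.addJavascriptInterface\s*\(")  # rule 2.3
CLASS_DECL = re.compile(r"\bclass\s+([A-Za-z_$][\w$]*)")         # rule 2.4
METHOD_DECL = re.compile(r"\b(?:public|private|protected)\s+(?:static\s+)?"
                         r"(?:final\s+)?[\w<>\[\],.]+\s+([A-Za-z_$][\w$]*)\s*\(")

# Constructed decompiler output: readable names, two crypto defects, one bridge call.
SAMPLE_SOURCES = {
    "com/example/demo/CryptoHelper.java": """\
package com.example.demo;
public class CryptoHelper {
    public byte[] encryptEcb(byte[] data) throws Exception {
        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
        cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec("0123456789abcdef".getBytes(), "AES"));
        return cipher.doFinal(data);
    }
    public byte[] encryptCbc(byte[] data, byte[] key) throws Exception {
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        IvParameterSpec iv = new IvParameterSpec("1234567890123456".getBytes());
        cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"), iv);
        return cipher.doFinal(data);
    }
}
""",
    "com/example/demo/WebActivity.java": """\
package com.example.demo;
public class WebActivity extends Activity {
    public void onCreate(Bundle saved) {
        WebView view = new WebView(this);
        view.getSettings().setJavaScriptEnabled(true);
        view.addJavascriptInterface(new Bridge(), "android");
    }
}
""",
}
# Constructed output of an obfuscated build: every class and method name is one letter.
OBFUSCATED_SOURCES = {"a/b.java": """\
package a;
public class b {
    public void a(String c) { }
    private int b() { return 0; }
}
"""}


def _lines(sources):
    for path, text in sources.items():
        for number, line in enumerate(text.splitlines(), 1):
            yield path, number, line


def find_crypto_misuse(sources):
    """(path, line, message) for every line violating a CRYPTO_RULES entry."""
    return [(p, n, msg) for p, n, line in _lines(sources)
            for msg, rx in CRYPTO_RULES if rx.search(line)]


def find_js_interface_calls(sources):
    return [(p, n) for p, n, line in _lines(sources) if ADD_JS_INTERFACE.search(line)]


def webview_code_execution_risk(sources, target_sdk_version):
    """Rule 2.3: the bridge is used AND targetSdkVersion is 16 or lower."""
    if target_sdk_version is None or target_sdk_version > 16:
        return False
    return bool(find_js_interface_calls(sources))


def short_name_ratio(sources):
    """Share of class/method names of at most two characters (0.0 when none found)."""
    names = []
    for text in sources.values():
        names.extend(CLASS_DECL.findall(text))
        names.extend(METHOD_DECL.findall(text))
    return sum(1 for n in names if len(n) <= 2) / len(names) if names else 0.0


def is_obfuscated(sources, threshold=0.5):
    return short_name_ratio(sources) >= threshold


if __name__ == "__main__":
    for finding in find_crypto_misuse(SAMPLE_SOURCES):
        print("%s:%d: %s" % finding)
    print("webview risk (targetSdk 16):", webview_code_execution_risk(SAMPLE_SOURCES, 16))
    print("obfuscated:", is_obfuscated(SAMPLE_SOURCES), is_obfuscated(OBFUSCATED_SOURCES))
```

Line-oriented regexes are deliberately cheap: they find the call sites the page names (Cipher.getInstance, KeySpec constructors, addJavascriptInterface) so an analyst can inspect the parameter values, and a key or IV that is built up in a variable rather than written as a literal still needs manual review of the flagged method.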
3) Run the program under test and configure the dynamic detection environment. Install the application on the terminal device and run it, using all of its functions normally for dynamic testing. Configure the dynamic testing environment: connect the device to the analysis host by USB and enable the USB debugging option on the device. Configure the network testing environment so that the analysis host can capture the application's network traffic, by methods including but not limited to: having the device connect to a wireless access point set up by the analysis host; setting the proxy server of the WIFI access point on the device to the analysis host and enabling the proxy service on the analysis host; or running network monitoring software on the analysis host to monitor the data the application sends and receives over the network.
4) In this test environment, perform dynamic security detection in three aspects.
4.1) Information leakage: use adb logcat on the analysis host, filter the log output of the tested application and check whether sensitive information is output. Sensitive information includes the parameters of the cryptographic functions used, such as the key of a symmetric encryption algorithm, the plaintext version of content that should be encrypted, the user's private data, and so on. If any is present, there is a risk of information leakage.
4.2) Data transmission security: use a network proxy tool to inspect the application's network traffic. Use of http means the communication data is unencrypted. Attempt a man-in-the-middle test: if https traffic can be decrypted after the certificate is replaced, the SSL certificate is not verified; if https traffic can be decrypted after installing on the phone the CA root certificate that issued a custom certificate, the SSL certificate is not pinned. All three situations result in insecure transmission of confidential data.
4.3) Data storage security: check the files under this application's directory in /data/data; if any file's permissions are set readable, writable or executable by other users, or if the application stores sensitive confidential data on the SD card, the application's data storage has a security problem.
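The two dynamic checks that work on text the device hands back, 4.1 (adb logcat output) and 4.3 (file permissions under /data/data), as an added example that is not code from the patent. Both inputs are constructed in the shape adb prints (a logcat dump with the tested app running as pid 1234, and an `ls -l` listing of its data directory); the sensitive-data patterns and the phone-number shape are assumptions chosen to illustrate the page's categories.

```python
"""Dynamic-phase checks: logcat leakage (4.1) and /data/data permissions (4.3).
Added example, not patent code; SAMPLE_LOGCAT and SAMPLE_LS are constructed."""
import re

# logcat "brief" format: <level>/<tag>(<pid>): <message>
LOGCAT_LINE = re.compile(r"^([VDIWEF])/([^(]+)\(\s*(\d+)\):\s?(.*)$")

# Assumed patterns for the page's sensitive categories; first match wins per line.
SENSITIVE_PATTERNS = [
    ("credential", re.compile(r"(?i)\b(?:password|passwd|pwd|token|secret)\b[\"']?\s*[=:]")),
    ("crypto key material", re.compile(r"(?i)\bkey\b[\"']?\s*[=:]\s*\S+")),
    ("phone number", re.compile(r"\b1[3-9]\d{9}\b")),  # assumed: mainland mobile number shape
]

# Constructed dump: pid 1234 is the tested app, 567 and 890 are other processes.
SAMPLE_LOGCAT = """\
I/ActivityManager(  567): Start proc com.example.demo for activity com.example.demo/.MainActivity: pid=1234
D/CryptoHelper( 1234): aes key=0123456789abcdef
I/NetClient( 1234): POST /login body={"user":"alice","password":"hunter2"}
D/ContactSync( 1234): synced 3 contacts
D/SmsReader( 1234): from=13800138000 body=your code is 4821
W/OtherApp(  890): token=deadbeef refresh failed
"""

# Constructed `ls -l` of /data/data/com.example.demo (toolbox format, no size on dirs).
SAMPLE_LS = """\
drwxrwx--x u0_a123  u0_a123           2014-12-16 10:00 cache
-rw-rw-rw- u0_a123  u0_a123      1024 2014-12-16 10:01 shared_prefs/account.xml
-rw------- u0_a123  u0_a123      4096 2014-12-16 10:02 databases/app.db
-rwxr-xr-x u0_a123  u0_a123     12288 2014-12-16 10:03 lib/helper
"""


def sensitive_log_entries(logcat_text, pid):
    """Return (category, tag, message) for lines of process `pid` whose message
    matches a sensitive-data pattern. Lines from other pids are ignored, so a
    mention of the app by the system (first sample line) is not a finding."""
    hits = []
    for line in logcat_text.splitlines():
        m = LOGCAT_LINE.match(line)
        if not m or int(m.group(3)) != pid:
            continue
        tag, message = m.group(2).strip(), m.group(4)
        for category, pattern in SENSITIVE_PATTERNS:
            if pattern.search(message):
                hits.append((category, tag, message))
                break
    return hits


def world_accessible_files(ls_text):
    """Parse `ls -l` output and return (name, flags) for every entry whose
    'other' permission bits grant read, write or execute; flags is the subset
    of "rwx" granted. Names containing spaces are not handled."""
    findings = []
    for line in ls_text.splitlines():
        fields = line.split()
        if len(fields) < 2 or len(fields[0]) < 10:
            continue
        flags = "".join(ch for ch in fields[0][7:10] if ch in "rwx")
        if flags:
            findings.append((fields[-1], flags))
    return findings


if __name__ == "__main__":
    for category, tag, message in sensitive_log_entries(SAMPLE_LOGCAT, 1234):
        print("leak [%s] %s: %s" % (category, tag, message))
    for name, flags in world_accessible_files(SAMPLE_LS):
        print("world-%s: %s" % (flags, name))
```

The pid filter is what makes 4.1 usable on a busy device: without it, every other process's log line is scored too. The 4.3 parser reports the directory's traversal bit as well, because the page's rule counts "executable by others" as a finding; whether a given entry is acceptable is the analyst's call when writing report item G.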
5) Summarise the security test results of the above seven aspects into a report, whose content comprises:
A) the list of names of exposed application components;
B) the code fragments in the application with cryptographic misuse;
C) the list of webview vulnerability code fragments in the application, namely the list of uses of the addJavascriptInterface interface;
D) whether the application has anti-repackaging protection and whether it has been obfuscated;
E) the list of sensitive information leaked by the application, namely the logcat log fragments containing sensitive information;
F) the list of addresses the application connects to in plaintext in its network communication and, if SSL connections are used, whether certificate verification is implemented correctly and whether certificate pinning is implemented;
G) the list of the application's files that other applications can access without authorisation.

Claims (8)

1. A universal method for Android application security testing, characterised in that it comprises the following steps:
1) unpacking and decompiling the program under test to obtain XML source code;
2) statically analysing the configuration files and code of the program under test, comprising static vulnerability detection and security testing in the aspects of component exposure vulnerabilities, cryptographic misuse, webview code execution vulnerabilities and code protection;
3) actually running the program under test and configuring the network testing environment;
4) performing dynamic analysis, namely dynamic vulnerability detection and security testing in the three aspects of information leakage, data transmission security and data storage security;
5) producing a vulnerability detection and security test report.
2. The universal method for Android application security testing according to claim 1, characterised in that said step 1) specifically comprises:
1.1 decompressing the apk package to obtain the executable file, the Android main manifest file and the resource files it contains;
1.2 decompiling the dex executable file to obtain smali code or Java code;
1.3 decoding the main manifest file Manifest.xml and the other resource files to obtain plain-text XML source code.
3. The universal method for Android application security testing according to claim 1, characterised in that said step 2) specifically comprises:
2.1 scanning the manifest file obtained in the first step and detecting component exposure vulnerabilities by analysing the attribute values of the components;
2.2 scanning the decompiled code of the dex executable obtained in the first step and detecting cryptographic misuse by analysing parameters of the encryption functions such as the message being encrypted, the cryptographic algorithm and the encryption key;
2.3 scanning the decompiled code of the dex executable obtained in the first step and detecting whether a webview code execution vulnerability exists by analysing the specific vulnerable function call interfaces the webview uses;
2.4 attempting to repackage the application and judging whether it has anti-repackaging protection; scanning the decompiled code of the dex executable obtained in the first step and judging whether the application has code obfuscation protection.
4. The universal method for Android application security testing according to claim 1, characterised in that said step 3) specifically comprises:
3.1 installing the program under test on a physical device and running it;
3.2 connecting the physical device to the analysis host by USB and enabling the USB debugging option on the device;
3.3 configuring the network so that the analysis host can capture the network traffic of the program under test.
5. The universal method for Android application security testing according to claim 4, characterised in that said capture uses:
A) having the physical device connect to a wireless access point (WAP) set up by the analysis host, setting the proxy server of the WIFI access point on the device to the analysis host, and enabling the proxy service on the analysis host; or
B) running network monitoring software on the analysis host to monitor the data the program under test sends and receives over the network.
6. The universal method for Android application security testing according to claim 1, characterised in that said step 4) specifically comprises:
4.1 using the program under test normally and, during operation, reading over the USB connection to the analysis host the log information the program prints on the device, to judge whether sensitive information is leaked;
4.2 using the program under test normally and capturing its network communication data with the network monitoring on the analysis host, analysing during operation whether its network communication and transmission is in plaintext and whether the transmitted ciphertext can be broken;
4.3 using the program under test normally and, during operation, analysing whether the data and files it stores can be read, written or executed, to judge the security of its data storage.
7. The universal method for Android application security testing according to claim 6, characterised in that said sensitive information comprises: encryption algorithm keys, the plaintext of communication packets that should be encrypted, file contents that third parties should not be able to read, and user-privacy data such as contacts and messages.
8. The universal method for Android application security testing according to claim 6, characterised in that said vulnerability detection and security test report comprises: the list of exposed application components, the list of code fragments in the application with cryptographic misuse, the list of code fragments in the application with webview code execution vulnerabilities, the judgement of whether anti-repackaging protection and code obfuscation have been applied, the list of leaked sensitive information, whether communication data is encrypted and, if SSL is used for the encryption, whether certificate pinning and correct certificate verification are implemented, and whether stored data can be obtained by third parties without authorisation.
Application CN201410781145.XA, filed 2014-12-16 (priority date 2014-12-16), published as CN104484607A (en) on 2015-04-01; legal status pending; family ID 52759148; country status: CN (1) CN104484607A (en).

CN112347486A (en) * 2020-11-30 2021-02-09 山东浪潮商用系统有限公司 Code vulnerability examination method and device for realizing privacy protection and readable medium
CN112527672A (en) * 2020-12-21 2021-03-19 北京深思数盾科技股份有限公司 Detection method and equipment for shell adding tool
CN112541179A (en) * 2020-11-27 2021-03-23 国网河南省电力公司电力科学研究院 Android application digital certificate verification vulnerability detection system and method
CN112887945A (en) * 2021-01-11 2021-06-01 公安部第三研究所 Penetration testing method for Internet of vehicles network
CN113132346A (en) * 2021-03-05 2021-07-16 国家计算机网络与信息安全管理中心 Detection method and system for mobile application information stealing and returning master control address
CN113360905A (en) * 2021-05-26 2021-09-07 上海蛮犀科技有限公司 Automatic safety detection method for mobile application
WO2021226961A1 (en) * 2020-05-14 2021-11-18 深圳市欢太科技有限公司 Application security test method and apparatus, storage medium, and electronic device
CN113806715A (en) * 2020-06-16 2021-12-17 上海交通大学 SDK security analysis method for embedded equipment
CN114077728A (en) * 2020-08-12 2022-02-22 电子科技大学 Android application biometric authentication security method based on static detection

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102411690A (en) * 2011-12-31 2012-04-11 中国信息安全测评中心 Security vulnerability mining method and device for application software on the Android platform
US20130227683A1 (en) * 2012-02-24 2013-08-29 Appthority, Inc. Quantifying the risks of applications for mobile devices

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
UCHIHAL: "APK Security Testing", HTTP://BLOG.SINA.COM.CN/S/BLOG_D32007AC0102V8CI.HTML *
吕晓庆: "Design and Implementation of an Android Software Dynamic Behavior Monitoring System", China Master's Theses Full-text Database, Information Science and Technology *

Cited By (65)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104778409B (en) * 2015-04-16 2018-01-12 电子科技大学 Detection method and device for Android application software similarity
CN104778409A (en) * 2015-04-16 2015-07-15 电子科技大学 Method and device for detecting similarities of Android application software
CN106156630A (en) * 2015-04-23 2016-11-23 阿里巴巴集团控股有限公司 Vulnerability detection method and device for an application installation package
WO2016206393A1 (en) * 2015-06-26 2016-12-29 中兴通讯股份有限公司 Method and apparatus for managing application and method and apparatus for implementing read-write operation
CN104966031A (en) * 2015-07-01 2015-10-07 复旦大学 Method for identifying permission-irrelevant private data in Android application programs
CN104966031B (en) * 2015-07-01 2018-02-27 复旦大学 Method for identifying non-permission-related private data in Android applications
CN105068921B (en) * 2015-07-23 2018-04-10 清华大学 Android application store credibility evaluation method based on app comparative analysis
CN105068921A (en) * 2015-07-23 2015-11-18 清华大学 App comparative analysis based Android application store credibility evaluation method
CN106992853A (en) * 2015-10-27 2017-07-28 信特尼有限公司 Cryptographic program variation
CN105512045A (en) * 2015-12-24 2016-04-20 珠海市君天电子科技有限公司 Application program testing method and device and testing equipment
CN105630684A (en) * 2016-01-26 2016-06-01 百度在线网络技术(北京)有限公司 Software development kit identification method and device
CN107239702A (en) * 2016-03-29 2017-10-10 腾讯科技(深圳)有限公司 Security vulnerability detection method and device
CN106294068A (en) * 2016-08-03 2017-01-04 福建星海通信科技有限公司 Android APK management and monitoring method and device
CN106326744B (en) * 2016-08-18 2019-05-07 广州视睿电子科技有限公司 Method and apparatus for determining whether a file is obfuscated
CN106326744A (en) * 2016-08-18 2017-01-11 广州视睿电子科技有限公司 Method and device for determining whether a file is obfuscated
CN107798244B (en) * 2016-09-07 2020-09-04 杭州萤石网络有限公司 Method and device for detecting remote code execution vulnerability
CN107798244A (en) * 2016-09-07 2018-03-13 杭州萤石网络有限公司 Method and device for detecting remote code execution vulnerabilities
CN106815527A (en) * 2016-12-01 2017-06-09 全球能源互联网研究院 Detection method and device for iOS application data security
CN107122666A (en) * 2016-12-05 2017-09-01 招商银行股份有限公司 Risk assessment method and device for financial applications
CN106874760A (en) * 2016-12-23 2017-06-20 浙江工业大学 Android malicious code classification method based on hierarchical SimHash
CN106709359A (en) * 2017-01-05 2017-05-24 中国电子科技网络信息安全有限公司 Detection method for Android application vulnerabilities
CN106845171B (en) * 2017-01-20 2020-01-17 暨南大学 Android application program code protection mechanism identification method
CN106845171A (en) * 2017-01-20 2017-06-13 暨南大学 Android application code protection mechanism identification method
CN107133501A (en) * 2017-03-20 2017-09-05 福建天晴数码有限公司 Security detection method and system for APK files
CN107133519A (en) * 2017-05-15 2017-09-05 华中科技大学 Privacy leak detection method and system for Android application network communication
CN107133519B (en) * 2017-05-15 2019-07-05 华中科技大学 Privacy leak detection method and system for Android application network communication
CN107330325A (en) * 2017-06-30 2017-11-07 北京金山安全管理系统技术有限公司 Authentication method and device for application files
CN107341403B (en) * 2017-07-24 2020-11-27 北京理工大学 File conversion method and device
CN107341403A (en) * 2017-07-24 2017-11-10 北京理工大学 File conversion method and device
CN107832619B (en) * 2017-10-10 2020-12-15 电子科技大学 Automatic application program vulnerability mining system and method under Android platform
CN107832619A (en) * 2017-10-10 2018-03-23 电子科技大学 Automatic application vulnerability mining system and method on the Android platform
CN109711151A (en) * 2017-10-25 2019-05-03 武汉安天信息技术有限责任公司 Method, system and device for predicting application misbehavior
CN109711151B (en) * 2017-10-25 2021-08-20 武汉安天信息技术有限责任公司 Method, system and device for predicting adverse behaviors of application program
CN108173832A (en) * 2017-12-25 2018-06-15 四川长虹电器股份有限公司 Home IoT application system penetration testing method based on end-cloud translocation
CN108520179B (en) * 2018-04-09 2021-01-15 福建中金在线信息科技有限公司 Method and device for processing webview vulnerability
CN108520179A (en) * 2018-04-09 2018-09-11 福建中金在线信息科技有限公司 Method and device for handling WebView vulnerabilities
CN110390185A (en) * 2018-04-20 2019-10-29 武汉安天信息技术有限责任公司 Repackaged application detection method, rule base construction method and related apparatus
CN108830084B (en) * 2018-06-12 2021-10-01 国网江苏省电力有限公司无锡供电分公司 Handheld terminal for realizing vulnerability scanning and protection reinforcement and protection method
CN108830084A (en) * 2018-06-12 2018-11-16 国网江苏省电力有限公司无锡供电分公司 Handheld terminal for vulnerability scanning and protective hardening of computer information security, and protection method
CN110858141A (en) * 2018-08-23 2020-03-03 西门子股份公司 Method, device and storage medium for evaluating code in layered-architecture software
CN109344634B (en) * 2018-09-28 2021-04-13 东软集团股份有限公司 Permission granting method and device for application, terminal and computer readable storage medium
CN109344634A (en) * 2018-09-28 2019-02-15 东软集团股份有限公司 Permission granting method and device for an application, terminal and computer-readable storage medium
CN110232146A (en) * 2019-04-30 2019-09-13 北京邮电大学 Data capture method and capture device
CN110232146B (en) * 2019-04-30 2022-05-31 北京邮电大学 Data grabbing method and grabbing device
CN110134608A (en) * 2019-05-20 2019-08-16 人立方智能科技有限公司 Android application evaluation system and its working method
CN112073584A (en) * 2019-08-27 2020-12-11 烟台中科网络技术研究所 Risk assessment method for apps that collect users' personal sensitive information
CN110769008A (en) * 2019-11-05 2020-02-07 长沙豆芽文化科技有限公司 Data security protection method and device, and service equipment
CN111046387A (en) * 2019-12-05 2020-04-21 深圳市任子行科技开发有限公司 Analysis and detection method and system for user information uploaded by an app
CN111382437A (en) * 2020-03-03 2020-07-07 思客云(北京)软件技术有限公司 Defect detection method and device based on a configuration analysis engine, and computer-readable storage medium
WO2021226961A1 (en) * 2020-05-14 2021-11-18 深圳市欢太科技有限公司 Application security test method and apparatus, storage medium, and electronic device
CN111611590A (en) * 2020-05-22 2020-09-01 支付宝(杭州)信息技术有限公司 Method and device for data security related to application program
CN111611590B (en) * 2020-05-22 2023-10-27 支付宝(杭州)信息技术有限公司 Method and device for data security related to application program
CN113806715A (en) * 2020-06-16 2021-12-17 上海交通大学 SDK security analysis method for embedded equipment
CN113806715B (en) * 2020-06-16 2024-04-05 上海交通大学 SDK security analysis method and system for embedded equipment
CN114077728A (en) * 2020-08-12 2022-02-22 电子科技大学 Android application biometric authentication security method based on static detection
CN112182581B (en) * 2020-09-24 2023-10-13 百度在线网络技术(北京)有限公司 Application testing method, device, application testing equipment and storage medium
CN112182581A (en) * 2020-09-24 2021-01-05 百度在线网络技术(北京)有限公司 Application testing method and device, application testing equipment and storage medium
CN112541179A (en) * 2020-11-27 2021-03-23 国网河南省电力公司电力科学研究院 Android application digital certificate verification vulnerability detection system and method
CN112347486A (en) * 2020-11-30 2021-02-09 山东浪潮商用系统有限公司 Privacy-preserving code vulnerability review method and device, and readable medium
CN112527672B (en) * 2020-12-21 2021-10-22 北京深思数盾科技股份有限公司 Detection method and device for packers (shelling tools)
CN112527672A (en) * 2020-12-21 2021-03-19 北京深思数盾科技股份有限公司 Detection method and device for packers (shelling tools)
CN112887945A (en) * 2021-01-11 2021-06-01 公安部第三研究所 Penetration testing method for Internet of Vehicles networks
CN112887945B (en) * 2021-01-11 2022-12-09 公安部第三研究所 Penetration testing method for Internet of Vehicles networks
CN113132346A (en) * 2021-03-05 2021-07-16 国家计算机网络与信息安全管理中心 Detection method and system for mobile application information theft and reporting to a master control address
CN113360905A (en) * 2021-05-26 2021-09-07 上海蛮犀科技有限公司 Automatic security detection method for mobile applications

Similar Documents

Publication Publication Date Title
CN104484607A (en) Universal method and universal system for performing safety testing on Android application programs
Reardon et al. 50 ways to leak your data: An exploration of apps' circumvention of the android permissions system
US9584543B2 (en) Method and system for web integrity validator
CN103716785B (en) Mobile Internet security service system
Yang et al. Study and mitigation of origin stripping vulnerabilities in hybrid-postmessage enabled mobile applications
CN110968872A (en) File vulnerability detection processing method and device, electronic equipment and storage medium
Wang et al. Leakdoctor: Toward automatically diagnosing privacy leaks in mobile applications
CN110519216A (en) Static and dynamic vulnerability analysis and mining method for electric power industrial control systems
CN111131303A (en) Request data verification system and method
Bai et al. All your sessions are belong to us: Investigating authenticator leakage through backup channels on android
CN104837159B (en) Security detection method for OAuth protocol misuse on the Android platform
Wang et al. One Size Does Not Fit All: Uncovering and Exploiting Cross Platform Discrepant APIs in WeChat
CN117155716B (en) Access verification method and device, storage medium and electronic equipment
Wen et al. An empirical study of sdk credential misuse in ios apps
CN111159712B (en) Detection method, device and storage medium
EP2873023B1 (en) Technique for determining a malign or non-malign behavior of an executable file
Hutchinson et al. Forensic analysis of spy applications in android devices
CN104252598B (en) Method and device for detecting application vulnerabilities
CN110049055A (en) Business vulnerability protection method, device and system
Sharma et al. Smartphone security and forensic analysis
Al-Wosabi et al. Framework for software tampering detection in embedded systems
Qi et al. A comparative study on the security of cryptocurrency wallets in android system
KR20200080776A (en) Data security apparatus
Yıldırım et al. A research on software security vulnerabilities of new generation smart mobile phones
Focardi et al. Run-time attack detection in cryptographic apis

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20150401