Loading...
|
Please use this identifier to cite or link to this item:
https://nccur.lib.nccu.edu.tw/handle/140.119/69192
|
| Title: | 行動應用程式的函式行為分析
Distributed Call Sequence Counting on iOS Executable |
| Authors: | 戴睿宸
Tai, Ruei Chen |
| Contributors: | 郁方
Yu, Fang
戴睿宸
Tai, Ruei Chen |
| Keywords: | 呼叫序列
行動應用程式安全
字串分析
分散式運算
call sequence
mobile app security
syntax analysis
distributed computing |
| Date: | 2013 |
| Issue Date: | 2014-08-25 15:15:42 (UTC+8) |
| Abstract: | 本研究利用字串分析之方式對行動應用程式之執行檔進行靜態分析,進以偵測行動應用程式之行為。 本研究計算行動應用程式所呼叫特定系統函式之序列,進一步比對特定可疑行為模式並判定行動應用程式是否包含其可疑行為,由於進行此研究需要考慮行動應用程式執行檔中每一個系統函式的呼叫,因此增加了大量的計算複雜度,故需要大量的運算資源來進行,為了提高運算的效率,本研究採用了Hadoop 作為分散式運算的平台來達成可延展的分析系統,進以達成分析大量行動應用程式的目的,透過建立特定的行為模式庫,本研究已分析了上千個現實使用的行動應用程式,並提供其含有潛在可疑行為的分析報告。
This work presents a syntax analysis on the executable files of iOS apps to characterize and detect suspicious behaviors performed by the apps. The main idea is counting the appearances of call sequences in the apps which are resolved via reassembling the executable binaries. Since counting the call sequences of the app needs to consider different combinations of every function calls in the app, which significantly increases the complexity of the computing, it takes abundant computing power to bring out our analysis on massive apps on the market, to improve the performance and the effectiveness of our analysis, this work adopted a distributed computing algorithm via Hadoop framework achieving a scalable static syntax analysis which is able to process huge amount of modern apps. We learn the malicious behaviors pattern through comparing the pairs of normal and abnormal app which are identical except on certain behaviors we inserted. By matching the patterns with the call sequences we collected from the public apps, we characterized the behaviors of apps and report the suspicious behaviors carried potential security threats in the apps. |
| Reference: | [1] 55% of Social Networking Consumption Occurs on A Mobile Device. (2013, February 27). MarketingCharts. Retrieved March 6, 2014, from http://www.marketingcharts.com/wp/interactive/55-of-social-networking-consumption-occurs-on-a-mobile-device-27327/.
[2] Android Market Terms of Service. (2012, February 16). Android Market Terms of Service. Retrieved March 6, 2014, from http://www.google.com/mobile/android/market-tos.html.
[3] Apache Hadoop. (n.d.). Apache Hadoop. Retrieved March 6, 2014, from http://hadoop.apache.org/
[4] Apple - Apple Customer Privacy Policy. (2013, August 1). Apple - Apple Customer Privacy Policy. Retrieved March 6, 2014, from http://www.apple.com/privacy/
[5] Apple App Store. (2013, October 22). Wikipedia. Retrieved March 6, 2014, from http://en.wikipedia.org/wiki/App_Store_(iOS)#cite_note-ios7-1.
[6] Apple Approves, Pulls Flashlight App with Hidden Tethering Mode. (2010, July 21). Wired. Retrieved March 7, 2014, from http://www.wired.com/gadgetlab/2010/07/apple-approves-pulls-flashlight%2dapp-with-hidden-tethering-mode/.
[7] Apple Developer. (n.d.). Xcode. Retrieved March 6, 2014, from http://developer.apple.com/xcode.
[8] Apple Store. (2010, March 1). Apple Store. Retrieved March 6, 2014, from http://store.apple.com/Catalog/US/Images/ADC_terms.html
[9] Babić, D., Reynaud, D., & Song, D. (2011, January). Malware analysis with tree automata inference. In Computer Aided Verification (pp. 116-131). Springer Berlin Heidelberg.
[10] Cydia. (n.d.). Cydia. Retrieved March 6, 2014, from http://cydia.saurik.com/.
[11] Dean, J., & Ghemawat, S. (2008). MapReduce: simplified data processing on large clusters. Communications of the ACM, 51(1), 107-113.
[12] Egele, M., Kruegel, C., Kirda, E., & Vigna, G. (2011, February). PiOS: Detecting Privacy Leaks in iOS Applications. In NDSS.
[13] Enck, W. H. (2011). Analysis techniques for mobile operating system security (Doctoral dissertation, The Pennsylvania State University).
[14] Enck, W. (2011). Defending users against smartphone apps: Techniques and future directions. In Information Systems Security (pp. 49-70). Springer Berlin Heidelberg.
[15] Enck, W., Gilbert, P., Chun, B. G., Cox, L. P., Jung, J., McDaniel, P., & Sheth, A. (2010, October). TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones. In OSDI (Vol. 10, pp. 1-6).
[16] Enck, W., Octeau, D., McDaniel, P., & Chaudhuri, S. (2011, August). A Study of Android Application Security. In USENIX Security Symposium.
[17] Felt, A. P., Finifter, M., Chin, E., Hanna, S., & Wagner, D. (2011, October). A survey of mobile malware in the wild. In Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices (pp. 3-14). ACM.
[18] Gilbert, P., Chun, B. G., Cox, L. P., & Jung, J. (2011, June). Vision: automated security validation of mobile apps at app markets. In Proceedings of the second international workshop on Mobile cloud computing and services (pp. 21-26). ACM.
[19] IDA. (n.d.). IDA. Retrieved March 6, 2014, from https://www.hex-rays.com/products/ida/support/tutorials/index.shtml.
[20] Jones, C. (2013, December 11). Apple`s App Store About To Hit 1 Million Apps. Forbes. Retrieved March 6, 2014, from http://www.forbes.com/sites/chuckjones/2013/12/11/apples-app-store-about-to-hit-1-million-apps/.
[21] List of countries by number of mobile phones in use. (2014, May 3). Wikipedia. Retrieved March 6, 2014, from http://en.wikipedia.org/wiki/List_of_countries_by_number_of_mobile_phones_in_use
[22] Mac Developer Library. (2013, April 25). Mac Developer Library. Retrieved March 6, 2014, from http://developer.apple.com/library/mac/#documentation/Cocoa/Conceptual/ProgrammingWithObjectiveC/Introduction/Introduction.html.
[23] Mann, C., & Starostin, A. (2012, March). A framework for static detection of privacy leaks in android applications. In Proceedings of the 27th Annual ACM Symposium on Applied Computing (pp. 1457-1462). ACM.
[24] Media Consumption Estimates: Mobile > PC; Digital > TV. (2013, August 5). MarketingCharts. Retrieved March 6, 2014, from http://www.marketingcharts.com/wp/television/media-consumption-estimates-mobile-pc-digital-tv-35626/
[25] More Smartphones Were Shipped in Q1 2013 Than Feature Phones, An Industry First According to IDC - prUS24085413. (2013, April 25). More Smartphones Were Shipped in Q1 2013 Than Feature Phones, An Industry First According to IDC - prUS24085413. Retrieved March 6, 2014, from http://www.idc.com/getdoc.jsp?containerId=prUS24085413.
[26] NEWSBYTES.PH | Philippine smartphone adoption rate at 15%. (2013, September 18). Infotek News InterAksyoncom. Retrieved March 6, 2014, from http://www.interaksyon.com/infotech/newsbytes-ph-philippine-smartphone-adoption-rate-at-15.
[27] Newsroom. (2013, August 14). Gartner Says Smartphone Sales Grew 46.5 Percent in Second Quarter of 2013 and Exceeded Feature Phone Sales for First Time. Retrieved March 6, 2014, from http://www.gartner.com/newsroom/id/2573415.
[28] Newswire . (2013, December 16). Consumer Electronics Ownership Blasts Off in 201. Retrieved March 6, 2014, from http://www.nielsen.com/us/en/newswire/2013/consumer-electronics-ownership-blasts-off-in-2013.html.
[29] Newswire . (2013, June 6). Mobile Majority: U.S. Smartphone Ownership Tops 60%. Retrieved March 6, 2014, from http://www.nielsen.com/us/en/newswire/2013/mobile-majority--u-s--smartphone-ownership-tops-60-.html.
[30] Objective-C. (2014, May 3). Wikipedia. Retrieved March 6, 2014, from https://en.wikipedia.org/wiki/Objective-C.
[31] PC Users Increasingly Turning to Smart Devices for Web Browsing, Facebook Access. (2013, February 11). MarketingCharts. Retrieved March 6, 2014, from http://www.marketingcharts.com/wp/interactive/pc-users-increasingly-turning-to-smart-devices-for-web-browsing-facebook-access-26881/.
[32] Realtime Privacy Monitoring on Smartphones. (n.d.). TaintDroid:. Retrieved March 6, 2014, from http://appanalysis.org/
[33] Szydlowski, M., Egele, M., Kruegel, C., & Vigna, G. (2012). Challenges for dynamic analysis of iOS applications. In Open Problems in Network Security (pp. 65-77). Springer Berlin Heidelberg.
[34] Tablet Shipments Forecast to Top Total PC Shipments in the Fourth Quarter of 2013 and Annually by 2015, According to IDC - prUS24314413. (2013, September 11). Tablet Shipments Forecast to Top Total PC Shipments in the Fourth Quarter of 2013 and Annually by 2015, According to IDC - prUS24314413. Retrieved March 6, 2014, from http://www.idc.com/getdoc.jsp?containerId=prUS24314413.
[35] TERMS AND CONDITIONS. (2011, October 12). iTUNES STORE -. Retrieved March 6, 2014, from http://www.apple.com/legal/itunes/us/terms.html#APPS.
[36] The Four-Year Anniversary of the Apple App Store. (2013, April 17). DISTIMO. Retrieved March 7, 2014, from http://www.distimo.com/publications/archive/Distimo%20Publication%20-%20July%202012.pdf.
[37] The NPD Group. (2013, February 7). 37 Percent of PC Users Migrate Activities to Mobile Devices. Retrieved March 6, 2014, from https://www.npd.com/wps/portal/npd/us/news/press-releases/37-percent-of-pc-users-migrate-activities-to-mobile-devices-according-to-the-npd-group/.
[38] Wetherall, D., Choffnes, D., Greenstein, B., Han, S., Hornyack, P., Jung, J., ... & Wang, X. (2011, May). Privacy revelations for web and mobile apps. In Proceedings of the 13th USENIX conference on Hot topics in operating systems (pp. 21-21). USENIX Association.
[39] Zhou, Y., Wang, Z., Zhou, W., & Jiang, X. (2012, February). Hey, you, get off of my market: Detecting malicious apps in official and alternative android markets. In Proceedings of the 19th Annual Network and Distributed System Security Symposium (pp. 5-8). |
| Description: | 碩士
國立政治大學
資訊管理研究所
100356023
102 |
| Source URI: | http://thesis.lib.nccu.edu.tw/record/#G0100356023 |
| Data Type: | thesis |
| Appears in Collections: | [資訊管理學系] 學位論文
|
Files in This Item:
| File |
Size | Format | |
|---|
| 602301.pdf | 2788Kb | Adobe PDF2 | 213 | View/Open |
|
All items in 政大典藏 are protected by copyright, with all rights reserved.
|
