计算机应用 ›› 2015, Vol. 35 ›› Issue (3): 751-755.DOI: 10.11772/j.issn.1001-9081.2015.03.751

• 信息安全 • 上一篇    下一篇

用户友好的Android隐私监管机制

黄洁, 谭博, 谭成翔   

  1. 同济大学 电子与信息工程学院, 上海 201804
  • 收稿日期:2014-10-20 修回日期:2014-11-27 出版日期:2015-03-10 发布日期:2015-03-13
  • 通讯作者: 黄洁
  • 作者简介:黄洁(1990-),女,上海人,硕士研究生,主要研究方向:移动安全;谭博(1979-),男,湖北荆门人,博士研究生,主要研究方向:信息安全;谭成翔(1965-),男,湖北红安人,研究员,博士生导师,博士,主要研究方向:信息安全、网络与分布式计算

User-friendly privacy monitoring and management mechanism on Android

HUANG Jie, TAN Bo, TAN Chengxiang   

  1. School of Electronics and Information Engineering, Tongji University, Shanghai 201804, China
  • Received:2014-10-20 Revised:2014-11-27 Online:2015-03-10 Published:2015-03-13

摘要:

针对安卓(Android)应用过度授权导致的隐私泄露问题,提出了一种用户友好的Android隐私监管机制UFMDroid。该机制使用服务代理重定向技术在Android控制流中插入隐私行为监控和细粒度运行时资源约束模块。UFMDroid通过对安卓市场已有软件的权限进行分层聚类和欧几里得距离度量以构建各类应用的预置权限轮廓,从而过滤可疑权限。UFMDroid通过计算当前权限配置与预置权限的距离获得应用静态威胁值;通过对涉隐私行为分类,同时考虑不同类别隐私行为的个体威胁和组合威胁,为用户提供应用实时威胁量化值。此外,UFMDroid通过提供虚假数据的方式防止应用因权限撤销引发程序崩溃。实验结果表明,UFMDroid可以成功监控应用对21种隐私数据的获取行为并可按用户配置进行隐私行为实时拦截响应,在一定程度上加强隐私保护。

关键词: 过度授权, 隐私保护, 预置权限, 威胁量化, 实时监控

Abstract:

To solve the excessive authorization problem of Android, this paper proposed a User-Friendly privacy monitoring and management Mechanism on AnDroid named UFMDroid. Proxy redirect technology was used to implement privacy-related behavior monitoring module and fine-grained resources constraint module in Android control flow. UFMDroid analyzed the existing applications on Android market and constructed a permission profile as preset by hierarchical clustering and Euclidean distance metric to filter suspicious authority. A static threat value could be provided by calculating the distance between the preset and the current permission configuration. The privacy-related behaviors of application were classified and both of the individual threat and combination threat were considered in calculating the dynamic runtime threat value. In addition, fake data mechanism was imported to prevent the application from crashing while the permission was withdrawn. The experimental results show that UFMDroid can monitor the usage of 21 different resources and it can intercept the privacy leakage behaviors in accordance with user configuration. UFMDroid can enhance the security of Android to some extent.

Key words: excessive authorization, privacy protection, preset permission, threat quantification, runtime monitoring

中图分类号: