Ontology model for detecting Android implicit information flow

doi:10.11772/j.issn.1001-9081.2017071970

Journal of Computer Applications ›› 2018, Vol. 38 ›› Issue (1): 61-66.DOI: 10.11772/j.issn.1001-9081.2017071970

Previous Articles Next Articles

Ontology model for detecting Android implicit information flow

LIU Qiyuan^1,2, JIAO Jian^1,2, CAO Hongsheng^1,2

1. Beijing Key Laboratory of Internet Culture and Digital Dissemination, Beijing Information Science and Technology University, Beijing 100101, China;
2. School of Computer, Beijing Information Science and Technology University, Beijing 100101, China

Received:2017-08-11 Revised:2017-08-30 Online:2018-01-10 Published:2018-01-22
Supported by:
This work is partially supported by the National Natural Science Foundation of China (61370065, 61502040),the National Key Technology Research and Development Program of the Ministry of Science and Technology of China (2015BAK12B03-03),the Opening Foundation of Key Laboratory of Internet Culture and Digital Dissemination (ICDDXN001).

Android隐式信息流检测的本体模型

刘其源^1,2, 焦健^1,2, 曹宏盛^1,2

1. 北京信息科技大学网络文化与数字传播北京市重点实验室, 北京 100101;
2. 北京信息科技大学计算机学院, 北京 100101

通讯作者: 焦健
作者简介:刘其源(1992-),男,安徽阜阳人,硕士研究生,CCF会员,主要研究方向:网络安全、智能终端的恶意代码分析;焦健(1978-),男,河北沧州人,副教授,博士,CCF会员,主要研究方向:网络测量、网络安全;曹宏盛(1989-),男,广西钦州人,硕士研究生,CCF会员,主要研究方向:网络安全。
基金资助:
国家自然科学基金资助项目（61370065，61502040）；"十二五"国家科技支撑计划项目子课题项目（2015BAK12B03-03）；网络文化与传播重点实验室开放课题项目（ICDDXN001）。

Abstract

Abstract: Concerning the problem that the traditional information leakage detection technology can not effectively detect implicit information leakage in Android applications, a reasoning method of Android Implicit Information Flow (ⅡF) combining control structure ontology model and Semantic Web Rule Language (SWRL) inference rule was proposed. Firstly, the key elements that generate implicit information flow in control structure were analyzed and modeled to establish the control structure ontology model. Secondly, based on the analysis of the main reasons of implicit information leakage, criterion rules of implicit information flow based on Strict Control Dependence (SCD) were given and converted into SWRL inference rules. Finally, control structure ontology instances and SWRL inference rules were imported into the inference engine Jess for reasoning. The experimental results show that the proposed method can deduce a variety of implicit information flow based on SCD with different nature and the testing accuracy of sample set is 83.3%, and the reasoning time is in the reasonable interval when the branch number is limited. The proposed model can effectively assist traditional information leakage detection to improve its accuracy.

Key words: Android implicit information flow, control structure, Strict Control Dependence (SCD), ontology, Semantic Web Rule Language (SWRL)

摘要： 针对传统的信息泄漏检测技术无法有效检测Android应用中存在的隐式信息泄露的问题，提出了一种将控制结构本体模型与语义网规则语言（SWRL）推理规则相结合的Android隐式信息流（ⅡF）推理方法。首先，对控制结构中能够产生隐式信息流的关键要素进行分析和建模，建立控制结构本体模型；其次，通过分析隐式信息泄露的主要原因，给出基于严格控制依赖（SCD）隐式信息流的判定规则并将其转换为SWRL推理规则；最后，将添加的控制结构本体实例与推理规则共同导入到推理引擎Jess中进行推理。实验结果表明：所提方法能够推理出多种不同性质的SCD隐式流，公开样本集的测试准确率达到83.3%，且推理耗时在分支数有限时处于合理区间。所提模型方法可有效辅助传统信息泄露检测提升其准确率。

关键词: Android隐式信息流, 控制结构, 严格控制依赖, 本体, 语义网规则语言

CLC Number:

TP309.1

LIU Qiyuan, JIAO Jian, CAO Hongsheng. Ontology model for detecting Android implicit information flow[J]. Journal of Computer Applications, 2018, 38(1): 61-66.

刘其源, 焦健, 曹宏盛. Android隐式信息流检测的本体模型[J]. 计算机应用, 2018, 38(1): 61-66.

References

[1] ARZT S, RASTHOFER S, FRITZ C, et al. FlowDroid:precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps[J]. ACM SIGPLAN Notices, 2014, 49(6):259-269.
[2] GORDON M I, KIM D, PERKINS J, et al. Information-flow analysis of Android applications in DroidSafe[C]//Proceedings of the 22nd Network and Distributed System Security Symposium. San Diego, CA:ISOC, 2015:1-16.
[3] ENCK W, GILBERT P, HAN S, et al. TaintDroid:an information-flow tracking system for realtime privacy monitoring on smartphones[J]. ACM Transactions on Computer Systems, 2014, 32(2):5-19.
[4] SCHWARTZ E J, AVGERINOS T, BRUMLEY D. All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask)[C]//Proceedings of the 2010 IEEE symposium on Security and Privacy. Piscataway, NJ:IEEE, 2010:317-331.
[5] YOU W, LIANG B, LI J, et al. Android implicit information flow demystified[C]//Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security. Now York:ACM, 2015:585-590.
[6] 过辰楷,许静,司冠南,等.面向移动应用软件信息泄露的模型检测研究[J].计算机学报,2016,39(11):2324-2343.(GUO C K, XU J, SI G N, et al. Model checking for software information leakage in mobile application[J]. Chinese Journal of Computers, 2016, 39(11):2324-2343.)
[7] CLAUSE J, LI W, ORSO A. Dytan:a generic dynamic taint analysis framework[C]//Proceedings of the 2007 International Symposium on Software Testing and Analysis. New York:ACM, 2007:196-206.
[8] 杜小勇,李曼,王珊.本体学习研究综述[J].软件学报,2006,17(9):1837-1847.(DU X Y, LI M, WANG S. A survey on ontology learning research[J]. Journal of Software, 2006, 17(9):1837-1847.)
[9] 葛强,沈国华,黄志球,等.Web服务中支持本体推理的隐私保护研究[J].计算机科学与探索,2013,7(6):536-544.(GE Q, SHEN G H, HUANG Z Q, et al. Research on privacy protection based on ontology in Web service[J]. Journal of Frontiers of Computer Science and Technology, 2013, 7(6):536-544.)
[10] HORROCKS I, PATEL-SCHNEIDER P F, BOLEY H, et al. SWRL:a semantic Web rule language combining OWL and RuleML[R].[S.l.]:W3C Member Submission, 2004.
[11] BAO T, ZHENG Y, LIN Z, et al. Strict control dependence and its effect on dynamic information flow analyses[C]//Proceedings of the 19th International Symposium on Software Testing and Analysis. New York:ACM, 2010:13-24.
[12] KWON Y, KIM D, SUMNER W N, et al. LDX:Causality inference by lightweight dual execution[C]//Proceedings of the 2016 International Conference on Architectural Support for Programming Languages and Operating Systems. New York:ACM, 2016:503-515.
[13] 周亮,黄志球,倪川.基于SWRL规则的本体推理研究[J].计算机技术与发展,2015,25(10):67-70.(ZHOU L, HUANG Z Q, NI C. Research on ontology reasoning based on SWRL rules[J]. Computer Technology and Development, 2015, 25(10):67-70.)
[14] YADAV U, NARULA G S, DUHAN N, et al. Development and visualization of domain specific ontology using Protégé[J]. Indian Journal of Science and Technology, 2016, 9(16):1-7.
[15] MUSEN M A. The Protégé project:a look back and a look forward[J]. AI Matters, 2015, 1(4):4-12.
[16] BAK J, JEDRZEJEK C, FALKOWSKI M. Usage of the Jess engine, rules and ontology to query a relational database[C]//Proceedings of the 2009 International Workshop on Rules and Rule Markup Languages for the Semantic Web. Berlin:Springer, 2009:216-230.
[17] ZHOU Y, JIANG X. Dissecting android malware:characterization and evolution[C]//Proceedings of the 2012 IEEE Symposium on Security and Privacy. Piscataway, NJ:IEEE, 2012:95-109.
[18] RASTHOFER S, ARZT S, BODDEN E. A machine-learning approach for classifying and categorizing Android sources and sinks[C]//Proceedings of the 21nd Network and Distributed System Security Symposium. San Diego, CA:ISOC, 2014:1-15.

Ontology model for detecting Android implicit information flow

Android隐式信息流检测的本体模型

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

[1]	QIN Li, HAO Zhigang, LI Guoliang. Construction and correlation analysis of national food safety standard graph [J]. Journal of Computer Applications, 2021, 41(4): 1005-1011.
[2]	DAI Tingting, ZHOU Le, YU Qinyong, HUNAG Xifeng, XIE Jun, SONG Minghui, LIU Qiao. Cyclic iterative ontology construction method based on demand assessment and response [J]. Journal of Computer Applications, 2020, 40(9): 2712-2718.
[3]	LIU Jingfa, GU Yaoping, LIU Wenjie. Focused crawler method combining ontology and improved Tabu search for meteorological disaster [J]. Journal of Computer Applications, 2020, 40(8): 2255-2261.
[4]	MA Dongxue, SONG She, XIE Zhenping, LIU Yuan. Domain ontology driven approach for bidding webpage parsing [J]. Journal of Computer Applications, 2020, 40(6): 1574-1579.
[5]	ZHAO Yi, DUAN Xing, XIE Shiyi, LIANG Chunlin. Traffic image semantic retrieval method based on specific object self-recognition [J]. Journal of Computer Applications, 2020, 40(2): 553-560.
[6]	MA Jiangang, ZHANG Peng, MA Yinglong. Efficient judicial document classification based on knowledge block summarization and word mover’s distance [J]. Journal of Computer Applications, 2019, 39(5): 1293-1298.
[7]	TANG Chen, LI Yonghua, RAO Mengni, HU Gangjun. Semantic judgement method of polysemous keywords in dynamic requirement traceability [J]. Journal of Computer Applications, 2019, 39(5): 1299-1304.
[8]	SANG Cheng, CHENG Jian, SHI Yiming. Knowledge integration and semantic annotation in closed-loop lifecycle management system [J]. Journal of Computer Applications, 2017, 37(6): 1728-1734.
[9]	HUANG Nian'e, HUANG He, WANG Rujing. Agriculture-related product name extraction and category labeling based on ontology and conditional random field [J]. Journal of Computer Applications, 2017, 37(1): 233-238.
[10]	ZHONG Yanru, LIANG Yifang, XU Bensheng, ZENG Congwen, LU Hongcheng, WU Fan, ZHAO Zhengjun. Similarity measure method for 3D CAD master model based on Web ontology language [J]. Journal of Computer Applications, 2016, 36(6): 1599-1604.
[11]	ZHANG Yuchen, SHEN Beijun. Automatic construction of software engineering linked data [J]. Journal of Computer Applications, 2016, 36(3): 758-764.
[12]	LIU Xinrui, REN Fengyu, LEI Guoping. Research of domain ontology driven enterprise on-line analytical processing systems [J]. Journal of Computer Applications, 2016, 36(1): 254-259.
[13]	CHEN Qian, GUI Zhiguo, GUO Xin, XIANG Yang. Topic evolution in text stream based on feature ontology [J]. Journal of Computer Applications, 2015, 35(2): 456-460.
[14]	XIA Meicui, SHI Hongtao. Efficient information search method based on semantic Web [J]. Journal of Computer Applications, 2015, 35(10): 2915-2919.
[15]	QIU Yunfei LIN Mingming SHAO Liangshan. Establishment and application of consumption sentiment ontology library based on three-dimensional coordinate [J]. Journal of Computer Applications, 2013, 33(09): 2540-2545.