政大機構典藏-National Chengchi University Institutional Repository(NCCUR):Item 140.119/111453
English  |  正體中文  |  简体中文  |  Post-Print筆數 : 27 |  Items with full text/Total items : 113160/144130 (79%)
Visitors : 50751639      Online Users : 504
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version
    政大典藏 > College of Commerce > Department of MIS > Theses >  Item 140.119/111453
    Please use this identifier to cite or link to this item: https://nccur.lib.nccu.edu.tw/handle/140.119/111453


    Title: AppScan:手機應用程式行為靜態偵測掃描-以iOS為例
    AppScan : Static mobile application behavior scanning on iOS executable
    Authors: 王韋仁
    Wang, Wei Ren
    Contributors: 郁方
    Yu, Fang
    王韋仁
    Wang, Wei Ren
    Keywords: 行動應用程式
    靜態分析
    行為分析
    語法分析
    Mobile apps
    Static analysis
    Behavior analysis
    Syntax analysis
    Date: 2017
    Issue Date: 2017-07-31 10:58:40 (UTC+8)
    Abstract: 行動應用程式是當今最受歡迎和最主要的軟體應用程式,因此應用程式的實際行為以及相關的安全和隱私問題變得越來越重要。另一方面,隨著時間的推移,AppStore上有越來越多的應用程式已經停止更新或停止服務,但沒有從AppStore中刪除。然而,用戶對於缺少維護問題一無所知,仍然下載並使用它。在本研究中,我們將解決在應用程式中檢查特定屬性方法序列的問題。通過使用IDApro生成Function call dependency graph和Subroutine control flow graph,我們使用語法分析方式來進行跨子程式的序列檢查方案。我們將通過預先定義屬性的方法序列作為模型來檢查應用程式行為。這個分析方法可以說明在App Store中可用的應用程式中是否存在屬性方法序列。有助於我們在應用程式中檢查一些惡意行為屬性方法序列或特定行為方法序列(例如使用不推薦的api方法)。
    我們的網絡爬蟲從官方文件中摘取了的所有可用的iOS SDK方法,並從中提取做為我們的模型序列。我們將檢查應用程式是否包含所準備的模型序列。如果應用程式中存在該序列,我們將在應用程式中記錄子程式中包含的方法序列調用。然後將結果數據匯總到我們的數據庫中,並將結果視覺化、數據化,並建立系統的的API服務。最後,我們構建了一個使用上述檢查功能所識做的的分析系統,並以Web服務形式顯示結果。
    Mobile application is the most popular and dominant software applications nowadays, so the actual behaviors of the application and the related security and privacy issues become more and more important. On the other hand, as time goes by, there are more and more applications on the AppStore stop to update or being abandoned but not removed from AppStore. However, the users know nothing about the lack of maintenance problems and still download and use it. In this research, we will resolve the issue for checking specific property method sequence within an application. By using IDApro to generate function call graph and the subroutine control flow graphs, we use syntax checking strategy to perform a across subroutines sequential checking solution. We will check the application behavior by predefining a property method sequence as pattern and then check with applications’. The analysis method can illustrate whether a property method sequence exists in the application which is available on App Store. This may help us to check some malicious behavior property method sequence or specific behavior method sequence (ex. using deprecated api methods) in the applications. We have prepared some property method sequence as our system input pattern extracted from all the available iOS SDK methods fetching by our web crawler. We will check whether an application contains the prepared method sequence or not. If the sequence exists in the application, we would record the method sequence call included in the subroutine within the application. Then the results data will be aggregated in our database, and export as api service for visualizing and statistic uses. Finally, we construct a call sequence analysis system for the above checking functions and show the result in a web service form
    Reference: [1] Apache hadoop. http://hadoop.apache.org/.
    [2] ios developer api reference. https://developer.apple.com/reference/.
    [3] ios release notes. https://developer.apple.com/library/content/ releasenotes/General/WhatsNewIniOS/.
    [4] Pangu ios 9. Available online at urlhttp://www.pangu.io.
    [5] stefanesser umpdecrypted. Available online at url- https://github.com/stefanesser/dumpdecrypted.
    [6] ios developer program license agreement. https://developer.apple.com/programs/terms/ios/standard/ ios program standard agreement 20140909.pdf, jan 2016.
    [7] Yuvraj Agarwal and Malcolm Hall. Protectmyprivacy: detecting and mitigating privacy leaks on ios devices using crowdsourcing. In Proceeding of the 11th annual international conference on Mobile systems, applications, and services, pages 97–110. ACM, 2013.
    [8] Steven Arzt, Siegfried Rasthofer, Christian Fritz, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves Le Traon, Damien Octeau, and Patrick McDaniel. Flowdroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for an- droid apps. Acm Sigplan Notices, 49(6):259–269, 2014.
    [9] User Interface Design Group at MIT. Sikuli. http://www.sikuli.org/.
    [10] Gleison Brito, Andre Hora, Marco Tulio Valente, and Romain Robbes. Do developers deprecate apis with replacement messages? a large-scale analysis on java systems. In Software Analysis, Evolution, and Reengineering (SANER), 2016 IEEE 23rd Inter- national Conference on, volume 1, pages 360–369. IEEE, 2016.
    [11] Jeffrey Dean and Sanjay Ghemawat. Mapreduce: Simplified data processing on large clusters. Commun. ACM, 51(1):107–113, January 2008.
    [12] Jeffrey Dean and Sanjay Ghemawat. Mapreduce: simplified data processing on large clusters. Communications of the ACM, 51(1):107–113, 2008.
    [13] Zhui Deng, Brendan Saltaformaggio, Xiangyu Zhang, and Dongyan Xu. iris: Vetting private API abuse in ios applications. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, Denver, CO, USA, October 12-6, 2015, pages 44–56, 2015.
    [14] Adam Shook Donald Miner. MapReduce Design Patterns. O’Reilly Media, May 2012.
    [15] Manuel Egele, Christopher Kruegel, Engin Kirda, and Giovanni Vigna. Pios: De-
    tecting privacy leaks in ios applications. In NDSS, 2011.
    [16] William Enck, Peter Gilbert, Seungyeop Han, Vasant Tendulkar, Byung-Gon Chun, Landon P Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol N Sheth. Taintdroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Transactions on Computer Systems (TOCS), 32(2):5, 2014.
    [17] Adrienne Porter Felt, Matthew Finifter, Erika Chin, Steve Hanna, and David Wag- ner. A survey of mobile malware in the wild. In Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices, pages 3–14. ACM, 2011.
    [18] Yu Feng, Saswat Anand, Isil Dillig, and Alex Aiken. Apposcopy: Semantics-based detection of android malware through static analysis. In Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering, pages 576–587. ACM, 2014.
    [19] Alessandra Gorla, Ilaria Tavecchia, Florian Gross, and Andreas Zeller. Checking app behavior against app descriptions. In Proceedings of the 36th International Confer- ence on Software Engineering, pages 1025–1035. ACM, 2014.
    [20] Jin Han, Qiang Yan, Debin Gao, Jianying Zhou, and Huijie Robert DENG. Android or ios for better privacy protection? 2014.
    [21] Jianjun Huang, Xiangyu Zhang, Lin Tan, Peng Wang, and Bin Liang. Asdroid: Detecting stealthy behaviors in android applications by user interface and program behavior contradiction. In Proceedings of the 36th International Conference on Soft- ware Engineering, pages 1036–1046. ACM, 2014.
    [22] Apple Inc. Apple worldwide developers conference 2015. https://developer. apple.com/videos/wwdc2015/, 2015.
    [23] Mariantonietta La Polla, Fabio Martinelli, and Daniele Sgandurra. A survey on security for mobile devices. IEEE communications surveys & tutorials, 15(1):446– 471, 2013.
    [24] Li Li, Alexandre Bartel, Tegawend ́e F Bissyand ́e, Jacques Klein, Yves Le Traon, Steven Arzt, Siegfried Rasthofer, Eric Bodden, Damien Octeau, and Patrick Mc- Daniel. Iccta: Detecting inter-component privacy leaks in android apps. In Proceed- ings of the 37th International Conference on Software Engineering-Volume 1, pages 280–291. IEEE Press, 2015.
    [25] Li Li, Tegawend ́e F Bissyand ́e, Damien Octeau, and Jacques Klein. Droidra: Taming reflection to support whole-program analysis of android apps. In Proceedings of the 25th International Symposium on Software Testing and Analysis, pages 318–329. ACM, 2016.
    [26] Benjamin Livshits and Jaeyeon Jung. Automatic mediation of privacy-sensitive re- source access in smartphone applications. In Proceedings of the 22th USENIX Secu- rity Symposium, Washington, DC, USA, August 14-16, 2013, pages 113–130.
    [27] Tyler McDonnell, Baishakhi Ray, and Miryung Kim. An empirical study of api stability and adoption in the android ecosystem. In Software Maintenance (ICSM), 2013 29th IEEE International Conference on, pages 70–79. IEEE, 2013.
    [28] Shinya Kasatani Patrick Lightbody Julian Harty Jennifer Bevan Haw-Bin Chai Philippe Hanrigou, Jason Huggins et al. selenium. http://www.seleniumhq. org/, 2008. [Online; accessed 19-July-2008].
    [29] Hex-Rays SA. Ida pro. https://www.hex-rays.com/products/ida/ index.shtml.
    [30] N. Seriot. ios-runtime-headers. url = https://github.com/nst/iOS-Runtime-Headers. (Visited on 10/31/2015).
    [31] Paulo de Barros SILVA FILHO. Static analysis of implicit control flow: resolving java reflection and android intents. 2016.
    [32] Tielei Wang, Kangjie Lu, Long Lu, Simon Chung, and Wenke Lee. Jekyll on ios: When benign apps become evil. In Presented as part of the 22nd USENIX Secu- rity Symposium (USENIX Security 13), pages 559–572, Washington, D.C., 2013. USENIX.
    [33] Tim Werthmann, Ralf Hund, Lucas Davi, Ahmad-Reza Sadeghi, and Thorsten Holz. Psios: bring your own privacy & security to ios devices. In Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security, pages 13–24. ACM, 2013.
    [34] Tom White. Hadoop: The Definitive Guide, 3rd Edition. O’Reilly Media / Yahoo Press, May 2012.
    [35] Zhemin Yang, Min Yang, Yuan Zhang, Guofei Gu, Peng Ning, and X Sean Wang. Appintent: Analyzing sensitive data transmission in android for privacy leakage de- tection. In Proceedings of the 2013 ACM SIGSAC conference on Computer & com- munications security, pages 1043–1054. ACM, 2013.
    [36] Fang Yu, Yuan-Chieh Lee, Steven Tai, and Wei-Shao Tang. Appbeach: Characteriz- ing app behaviors via static binary analysis. In Proceedings of the 2013 IEEE Second International Conference on Mobile Services, page 86. IEEE Computer Society, 2013.
    [37] Jing Zhou and Robert J Walker. Api deprecation: a retrospective analysis and detection method for code examples on the web. In Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering, pages 266–277. ACM, 2016.
    [38] Yajin Zhou, Zhi Wang, Wu Zhou, and Xuxian Jiang. Hey, you, get off of my mar- ket: detecting malicious apps in official and alternative android markets. In NDSS, volume 25, pages 50–52, 2012.
    Description: 碩士
    國立政治大學
    資訊管理學系
    103356019
    Source URI: http://thesis.lib.nccu.edu.tw/record/#G0103356019
    Data Type: thesis
    Appears in Collections:[Department of MIS] Theses

    Files in This Item:

    File SizeFormat
    601901.pdf4777KbAdobe PDF2297View/Open


    All items in 政大典藏 are protected by copyright, with all rights reserved.


    社群 sharing

    著作權政策宣告 Copyright Announcement
    1.本網站之數位內容為國立政治大學所收錄之機構典藏,無償提供學術研究與公眾教育等公益性使用,惟仍請適度,合理使用本網站之內容,以尊重著作權人之權益。商業上之利用,則請先取得著作權人之授權。
    The digital content of this website is part of National Chengchi University Institutional Repository. It provides free access to academic research and public education for non-commercial use. Please utilize it in a proper and reasonable manner and respect the rights of copyright owners. For commercial use, please obtain authorization from the copyright owner in advance.

    2.本網站之製作,已盡力防止侵害著作權人之權益,如仍發現本網站之數位內容有侵害著作權人權益情事者,請權利人通知本網站維護人員(nccur@nccu.edu.tw),維護人員將立即採取移除該數位著作等補救措施。
    NCCU Institutional Repository is made to protect the interests of copyright owners. If you believe that any material on the website infringes copyright, please contact our staff(nccur@nccu.edu.tw). We will remove the work from the repository and investigate your claim.
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback