摘要
针对Android应用程序常被不完全地审查,不充分的隔离,且毫无限制地被用户安装所引起的用户私有敏感信息的泄露,通过采用动态污点分析技术监测敏感信息何时通过不可信的应用程序离开系统,同时根据需要采用无害的影子数据遮蔽敏感信息,或者阻断泄露私有信息的通信,防止应用程序访问用户希望保密的数据,在系统的层面上实现实时监测和控制Android应用程序使用用户私有敏感信息.
Smartphone applications are frequently incompletely vetted, poorly isolated and installed by users without restraint. Such behavior causes users' private sensitive information leakage. By means of employing dynamic taint analysis technology, our work detects when sensitive data leaves the system via untrusted applications. Meanwhile, according to the need, it uses harmless data to cover the sensitive information, or cuts off the exfiltration communication. Then it can prevent an application to access the data which user wants to keep confidential, achieve real-time monitoring and control for Android applications in misusing the user private information from system level.
出处
《计算机系统应用》
2014年第6期215-219,共5页
Computer Systems & Applications
关键词
安卓
用户私有敏感信息
动态污点分析
信息流追踪
隐私控制
Android
users' private sensitive information
dynamic taint analysis
information-flow tracking system
privacy control system