National Digital Library of Theses and Dissertations in Taiwan

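Graduate student: Tai, Ruei Chen (戴睿宸)
Thesis title (translated from Chinese): Function Behavior Analysis of Mobile Applications
Thesis title (English): Distributed Call Sequence Counting on iOS Executable
Advisor: Yu, Fang (郁方)
Degree: Master's
Institution: National Chengchi University
Department: Graduate Institute of Information Management
Discipline: Computer Science
Field: General Computer Science
Thesis type: Academic thesis
Graduation academic year: 102
Language: English
Number of pages: 45
Keywords (translated from Chinese): call sequence; mobile application security; string analysis; distributed computing
Keywords (English): call sequence; mobile app security; syntax analysis; distributed computing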
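This study performs static analysis on the executable files of mobile applications by means of string analysis in order to detect the behavior of those applications. It counts the sequences of specific system functions called by a mobile application, matches them against specific suspicious behavior patterns, and determines whether the application contains those suspicious behaviors. Because this requires considering every system function call in the application's executable, the computational complexity increases greatly and a large amount of computing resources is needed. To improve computational efficiency, this study adopts Hadoop as the distributed computing platform to achieve a scalable analysis system capable of analyzing a large number of mobile applications. By building a library of specific behavior patterns, this study has analyzed more than a thousand mobile applications in real-world use and provides analysis reports on the potentially suspicious behaviors they contain.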
This work presents a syntax analysis of the executable files of iOS apps to characterize and detect suspicious behaviors performed by the apps. The main idea is to count the appearances of call sequences in the apps, which are resolved by reassembling the executable binaries. Counting the call sequences of an app requires considering different combinations of every function call in the app, which significantly increases the computational complexity, so carrying out the analysis on the massive number of apps on the market takes abundant computing power. To improve the performance and effectiveness of the analysis, this work adopts a distributed computing algorithm on the Hadoop framework, achieving a scalable static syntax analysis that is able to process a huge number of modern apps. We learn malicious behavior patterns by comparing pairs of normal and abnormal apps that are identical except for certain behaviors we inserted. By matching the patterns against the call sequences we collected from public apps, we characterize the behaviors of apps and report suspicious behaviors that carry potential security threats in the apps.
Abstract
Contents
List of figures
List of tables
1. Introduction
2. Literature review
2.1. Malicious behaviors of mobile apps
2.2. Detecting malicious behaviors within apps
2.3. Distributed computing
3. Static binary analysis
3.1. Extract and decrypt binary
3.2. Dump assemble file of binary
3.3. Distributed computation on call sequences
4. Malicious behavior detection
4.1. Malicious behaviors
4.2. Characterize Malicious Behaviors on Counting Call Sequences
4.3. Pattern inclusion
5. Implementation
6. Evaluation
7. Conclusion
References