参考文献
[1]卿斯汉.Android 安全研究进展[J].软件学报,2016,27(1):45-71.
[2]张玉清,王凯,杨欢,等.Android 安全综述[J].计算机研究与发展,2014,51(7):1385-1396.
[3]TAN D J J,CHUA T W,THING V L L.Securing Android:A Survey,Taxonomy,and Challenges[J].ACM Computing Surveys,2015,47(4):58-99.
[4]ZHOU Yajin,JIANG Xuxian.Dissecting Android Malware:Characterization and Evolution[C]//Proceedings of IEEE Symposium on Security and Privacy.IEEE Computer Society.Washington D.C.,USA:IEEE Press,2012:95-109.
[5]ZHOU Wu,ZHANG Xinwen,JIANG Xuxian.AppInk:Water-marking Android Apps for Repackaging Deterrence[C]//Proceedings of the 8th ACM SIGSAC Symposium on Information,Computer and Communications Security.New York,USA:ACM Press,2013:1-12.
[6]RASTHOFER S,ARZT S,LOVAT E,et al.Droidforce:Enforcing Complex,Data-centric,System-wide Policies in Android[C]//Proceedings of Ninth International Conference on Availability,Reliability and Security.Washington D.C.,USA:IEEE Press,2014:40-49.
[7]ZHOU Wu,ZHOU Yajin,JIANG Xuxian,et al.Detecting Repackaged Smartphone Applications in Third-party Android Marketplaces[C]//Proceedings of the 2nd ACM Conference on Data and Application Security and Privacy.New York,USA:ACM Press,2012:317-326.
[8]CRUSSELL J,GIBLER C,CHEN Hao.Attack of the Clones:Detecting Cloned Applications on Android Markets[C]//Proceedings of European Symposium on Research in Computer Security.Berlin,Germany:Springer-Verlag,2012:37-54.
[9]FELT A P,CHIN E,HANNA S,et al.Android Permissions Demystified[C]//Proceedings of the 18th ACM Conference on Computer and Communications Security.New York,USA:ACM Press,2011:627-638.
[10]AU K W Y,ZHOU Yifan,HUANG Zhen,et al.Pscout:Analyzing the Android Permission Specification[C]//Proceedings of the 2012 ACM Conference on Computer and Communications Security.New York,USA:ACM Press,2012:217-228.
[11]GRACE M C,ZHOU Yajin,WANG Zhi,et al.Systematic Detection of Capability Leaks in Stock Android Smartphones[C]//Proceedings of the 19th Network and Distributed System Security Symposium.Washington D.C.,USA:IEEE Press,2012:19.
[12]LU Long,LI Zhichun,WU Zhenyu,et al.Chex:Statically Vetting Android Apps for Component Hijacking Vulner-abilities[C]//Proceedings of 2012 ACM Conference on Computer and Communications Security.New York,USA:ACM Press,2012:229-240.
[13]GRACE M,ZHOU Yajin,ZHANG Qiang,et al.Riskranker:Scalable and Accurate Zero-day Android Malware Detec-tion[C]//Proceedings of the 10th International Conference on Mobile Systems,Applications,and Services.New York,USA:ACM Press,2012:281-294.
[14]ARZT S,RASTHOFER S,FRITZ C,et al.Flowdroid:Precise Context,Flow,Field,Object-sensitive and Lifecycle-aware Taint Analysis for Android Apps[C]//Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation.New York,USA:ACM Press,259-269.
[15]YANG Zhemin,YANG Min,ZHANG Yuan,et al.Appintent:Analyzing Sensitive Data Transmission in Android for Privacy Leakage Detection[C]//Proceedings of ACM SIGSAC Conference on Computer & Com-munications Security.New York,USA:ACM Press,2013:1043-1054.
[16]CHIN E,FELT A P,GREENWOOD K,et al.Analyzing Inter-application Communication in Android[C]//Proceedings of the 9th International Conference on Mobile Systems,Applications,and Services.New York,USA:ACM Press,2011:239-252.
[17]OCTEAU D,MCDANIEL P,JHA S,et al.Effective Inter-component Communication Mapping in Android with Epicc:An Essential Step Towards Holistic Security Analysis[C]//Proceedings of the 22nd USENIX Conference on Security.USENIX Association.Washington D.C.,USA:[s.n.],2013:543-558.
[18]LI Li,BARTEL A,BISSYANDE T F,et al.IccTA:Detecting Inter-component Privacy Leaks in Android Apps[C]//Proceedings of the 37th International Conference on Software Engineering-Volume 1.Washington D.C.,USA:IEEE Press,2015:280-291.
[19]WEI Fengguo,ROY S,OU Xinming.Amandroid:A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps[C]//Proceedings of 2014 ACM SIGSAC Conference on Computer and Communications Security.New York,USA:ACM Press,2014:1329-1341.
[20]ENCK W,ONGTANG M,MCDANIEL P.Understanding Android Security[J].IEEE Security & Privacy,2009(1):50-57.
[21]ZHANG Mu,DUAN Yue,FENG Qian,et al.Towards Automatic Generation of Security-centric Descriptions for Android Apps[C]//Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security.New York,USA:ACM Press,2015:518-529.
[22]WANG Ruowen,ENCK W,REEVES D,et al.Easeandroid:Automatic Policy Analysis and Refinement for Security Enhanced Android via Large-scale Semi-supervised Learn-ing[C]//Proceedings of the 24th USENIX Security Symposium.USENIX Association.Washington,D.C.:[s.n.],2015:351-366.
[23]BUGIEL S,DAVI L,DMITRIENKO A,et al.Towards Taming Privilege-escalation Attacks on Android[J].Proceedings of Annual Network & Distributed System Security Symposium,2013,130(130):346-360.
[24]BUGIEL S,HEUSER S,SADEGHI A R.Flexible and Fine-grained Mandatory Access Control on Android for Diverse Security and Privacy Policies[C]//Proceedings of the 22nd USENIX Conference on Security.Washington D.C.,USA:USENIX Association,2013:131-146.
[25]ZHAO Zhibo,OSONO F C C.“TrustDroidTM”:Preventing the Use of SmartPhones for Information Leaking in Corporate Networks Through the Use of Static Analysis Taint Tracking[C]//Proceedings of International Conference on Malicious and Unwanted Software.Washington D.C.,USA:IEEE Press,2012:135-143.
[26]WANG Rui,XING Luyi,WANG Xiaofeng,et al.Unauthorized Origin Crossing on Mobile Platforms:Threats and Mitiga-tion[C]//Proceedings of ACM SIGSAC Conference on Computer & Communications Security.New York,USA:ACM Press,2013:635-646.
[27]ENCK W,GILBERT P,CHUN B G,et al.TaintDroid:An Information-flow Tracking System for Realtime Privacy Monitoring on Smartphones[J].ACM Tran-sactions on Computer Systems,2014,32(2):1-29.
(下转第176页)
(上接第170页)
[28]FELT A P,WANG H J,MOSHCHUK A,et al.Permission Re-delegation:Attacks and Defenses[C]//Proceedings of Usenix Conference on Security.New York,USA:USENIX Association,2011:22.
[29]DIETZ M,SHEKHAR S,PISETSKY Y,et al.QUIRE:Lightweight Provenance for Smart Phone Operating Systems[C]//Proceedings of USENIX Conference on Security.San Francisco,USA:USENIX Association,2011:23.
[30]ZHANG Yuan,YANG Min,XU Bingquan,et al.Vetting Undesirable Behaviors in Android Apps with Permission Use Analysis[C]//Proceedings of 2013 ACM SIGSAC Conference on Computer & Communications Security.New York,USA:ACM Press,2013:611-622.
[31]XU Rubin,SAIDI H,ANDERSON R.Aurasium:Practical Policy Enforcement for Android Applications[C]//Proceedings of USENIX Conference on Security Symposium.Bellevue,USA:USENIX Association,2012:27.
[32]BACKES M,GERLING S,HAMMER C,et al.AppGuard-Enforcing User Requirements on Android Apps[C]//Proceedings of Tools and Algorithms for the Construction and Analysis of Systems.Berlin,Germany:Springer-Verlag,2013:543-548.
[33]BACKES M,BUGIEL S,HAMMER C,et al.Boxify:Full-fledged App Sandboxing for Stock Android[C]//Pro-ceedings of USENIX Conference on Security Symposium.Washington D.C.,USA:USENIX Association,2015:691-706.
[34]XING Luyi,PAN Xiaorui,WANG Rui,et al.Upgrading Your Android,Elevating My malware:Privilege Escalation Through Mobile OS Updating[C]//Proceedings of IEEE Symposium on Security and Privacy.Washington D.C.,USA:IEEE Press,2014:393-408.
编辑刘冰 |