[1] GORDON M I,KIM D,PERKINS J H,et al.Information flow analysis of Android applications in droidsafe[C]//Proceedings of 2015 NDSS Symposium.[S.l.]:Internet Society,2015:1-5. [2] WANG Lei,LI Feng,LI Lian,et al.Principle and practice of taint analysis[J].Journal of Software,2017,28(4):860-882.(in Chinese)王蕾,李丰,李炼,等.污点分析技术的原理和实践应用[J].软件学报,2017,28(4):860-882. [3] TRIPP O,PISTOIA M,FINK S J,et al.TAJ:effective taint analysis of Web applications[J].ACM SIGPLAN Notices,2009,44(6):87-97. [4] LIVSHITS V B,LAM M S.Finding security vulnerabilities in Java applications with static analysis[C]//Proceedings of the 14th USENIX Security Symposium.Baltimore,USA:USENIX,2005:18-19. [5] HUANG W,DONG Y,MILANOVA A.Type-based taint analysis for Java Web applications[C]//Proceedings of International Conference on Fundamental Approaches to Software Engineering.Berlin,Germany:Springer,2014:140-154. [6] ARZT S,RASTHOFER S,FRITZ C,et al.FlowDroid:precise context,flow,field,object-sensitive and lifecycle-aware taint analysis for Android apps[J].ACM SIGPLAN Notices,2014,49(6):259-269. [7] ARZT S,BODDEN E.StubDroid:automatic inference of precise data-flow summaries for the Android framework[C]//Proceedings of the 38th IEEE/ACM International Conference on Software Engineering.Washington D.C.,USA:IEEE Press,2016:725-735. [8] YANG Shengqian,YAN Dacong,WU Haowei,et al.Static control-flow analysis of user-driven callbacks in Android applications[C]//Proceedings of the 37th IEEE/ACM IEEE International Conference on Software Engineering.Washington D.C.,USA:IEEE Press,2015:89-99. [9] WEI F,ROY S,OU X.Amandroid:a precise and general inter-component data flow analysis framework for security vetting of Android apps[C]//Proceedings of 2014 ACM SIGSAC Conference on Computer and Communications Security.New York,USA:ACM Press,2014:1329-1341. [10] RICE H G.Classes of recursively enumerable sets and their decision problems[J].Transactions of the American Mathematical Society,1953,74(2):358-366. [11] ROGERS H.Theory of recursive functions and effective computability[M].New York,USA:McGraw-Hill,1967. [12] ZHAO Yunshan,GONG Yunzhan,ZHOU Ao,et al.False positive elimination in static defect detection[J].Journal of Computer Research and Development,2012,49(9):1822-1831.(in Chinese)赵云山,宫云战,周傲,等.静态缺陷检测中的误报消除技术研究[J].计算机研究与发展,2012,49(9):1822-1831. [13] WANG Lei,ZHOU Qing,HE Dongjie,et al.Multi-source taint analysis technique for privacy leak detection of Android apps[J].Journal of Software,2019,30(2):211-230.(in Chinese)王蕾,周卿,何东杰,等.面向Android应用隐私泄露检测的多源污点分析技术[J].软件学报,2019,30(2):211-230. [14] LI Xiao,ZHOU Yan,LI Mengchen,et al.Automatically validating static memory leak warnings for C/C++programs[J].Journal of Software,2017,28(4):827-844.(in Chinese)李筱,周严,李孟宸,等.C/C++程序静态内存泄漏警报自动确认方法[J].软件学报,2017,28(4):827-844. [15] ENCK W,GILBERT P,HAN S,et al.TaintDroid:an information-flow tracking system for realtime privacy monitoring on smartphones[J].ACM Transactions on Computer Systems,2014,57(3):99-106. [16] TAM K,KHAN S J,FATTORI A,et al.CopperDroid:automatic reconstruction of Android malware behaviors[C]//Proceedings of 2015 NDSS Symposium.[S.l.]:Internet Society,2015:6-10. [17] PRAVIN M N P.Vetdroid:analysis using permission for vetting undesirable behaviours in Android applications[J].International Journal of Innovative and Emerging Research in Engineering,2015,2(3):131-136. [18] XU R,SAÏDI H,ANDERSON R.Aurasium:practical policy enforcement for Android applications[C]//Proceedings of the 21st USENIX Security Symposium.Baltimore,USA:USENIX,2012:539-552. [19] YANG Zhemin,YANG Min,ZHANG Yuan,et al.AppIntent:analyzing sensitive data transmission in Android for privacy leakage detection[C]//Proceedings of 2013 ACM SIGSAC Conference on Computer and Communications Security.New York,USA:ACM Press,2013:1043-1054. [20] VALLÉERAI R,CO P,GAGNON E,et al.Soot:a Java bytecode optimization framework[C]//Proceedings of CASCON'10.New York,USA:ACM Press,2010:214-224. [21] ARZT S.Static data flow Analysis for Android applications[D].Darmstadt,Germany:Technische Universität Darmstadt,2017. |