基于安全容器的Activity钓鱼劫持防御方案

doi:10.3969/j.issn.1671-1122.2017.12.011

信息网络安全 ›› 2017, Vol. 17 ›› Issue (12): 61-66.doi: 10.3969/j.issn.1671-1122.2017.12.011

基于安全容器的Activity钓鱼劫持防御方案

陈璨璨, 崔浩亮, 张文, 牛少彰

北京邮电大学智能通信软件与多媒体北京市重点实验室,北京 100876

收稿日期:2017-08-31 出版日期:2017-12-20 发布日期:2020-05-12
作者简介:
作者简介：陈璨璨（1993—）,女,广西,硕士研究生,主要研究方向为移动通信安全;崔浩亮（1987—）,男,河北,博士研究生,主要研究方向为信息安全、漏洞挖掘;张文（1987—）,男,四川,博士研究生,主要研究方向为信息安全、移动安全技术;牛少彰（1963—）,男,教授,博士,主要研究方向为网络信息安全、网络攻防技术、软件安全、信息隐藏技术等。
基金资助:
国家自然科学基金[61370195];国家自然科学基金联合基金[U1536121]

A Defense Scheme for Activity Hijack Based on Safe Container

Cancan CHEN, Haoliang CUI, Wen ZHANG, Shaozhang NIU

Beijing Key Lab of Intelligent Telecommunication Software and Multimedia, Beijing University of Posts and Telecommunications, Beijing 100876, China

Received:2017-08-31 Online:2017-12-20 Published:2020-05-12

摘要/Abstract

摘要：

钓鱼劫持作为窃取用户隐私数据的恶意攻击行为,对用户的隐私数据造成了严重的安全威胁。针对钓鱼劫持攻击链中的恶意试探环节,文章提出了利用安全容器将应用与外部环境隔离,使得外部的恶意应用无法获取在容器中运行的应用的状态和在容器中运行的任务栈的栈顶信息,只能获取虚假的代理组件,有效阻止外部的恶意应用对Activity界面进行覆盖。文中方案从钓鱼劫持的攻击流程角度进行分析,设计拦截手段,阻止Activity钓鱼劫持的发生。实验结果表明,文中方案能够有效地为应用提供安全可靠的运行环境,并且不会对系统内核进行修改,保证应用免受Activity钓鱼劫持的恶意攻击。

关键词: 安全容器, 钓鱼劫持, 恶意攻击

Abstract:

As a malicious attack to steal user privacy data, Activity hijack causes serious security threat to user's private data. For the malicious test link of the Activity hijack attacks, this paper puts forward the concept of using safe container operation environment that isolate the application from the external environment. It is hard for malicious attackers to get the running state and the information from the running task about the application running in the safe container, only can get the fake information of the proxy components. So it can prevent external malicious attackers from covering the Activity interface. This scheme is anylyzed from the perspective of Activity hijack attack process, designs interception means to prevent the occurrence of Activity hijack. Experimental results show that our method is available and effective to provide safe and reliable operation environment for the application. What's more, it don't change the kernel of android and can ensure the application from the attacks of Activity hijack.

Key words: security container, hijacked fishing, malicious attacks

中图分类号:

TP309.1

陈璨璨, 崔浩亮, 张文, 牛少彰. 基于安全容器的Activity钓鱼劫持防御方案[J]. 信息网络安全, 2017, 17(12): 61-66.

Cancan CHEN, Haoliang CUI, Wen ZHANG, Shaozhang NIU. A Defense Scheme for Activity Hijack Based on Safe Container[J]. Netinfo Security, 2017, 17(12): 61-66.

图/表 12

图 1

表1

图 2

图 3

图 4

图 5

图 6

图7

图8

表 2

表3

图 9

参考文献 13

[1]	IDC. Smartphone OS Market Share, 2017 Q1[EB/OL].
[2]	蔡林,陈铁明. Android移动恶意代码检测的研究概述与展望[J]. 信息网络安全,2016(9):218-222.
[3]	DAI Guqian, GE Jigang, CAI Minghang, et al. SVM-based Malware Detection for Android Applications[EB/OL]. https://www.deepdyve.com/lp/association-for-computing-machinery/svm-based-malware-detection-for-android-applications-2HlS0vbpyG, 2015-6-22.
[4]	NAN Yuhong , YANG Min , YANG Zhemin , et al. UIPicker: User-input Privacy Identification in Mobile Applications[EB/OL]. .
[5]	BIANCHI A, CORBETTA J, INVERNIZZI L, et al. What the App is That? Deception and Countermeasures in the Android User Interface[EB/OL]. .
[6]	李汶洋. Android操作系统恶意软件检测技术研究[J]. 信息网络安全,2015(9):62-65.
[7]	REN Chuangang , ZHANG Yulong, XUE Hui , et al. Towards Discovering and Understanding Task Hijacking in Android[EB/OL]. .
[8]	徐强,梁彬,游伟,等. 基于SURF算法的Android恶意应用钓鱼登录界面检测[J]. 清华大学学报:自然科学版,2016(1):77-82.
[9]	SUN Mingshen, LI Mengmeng , LUI J C S , et al. DroidEagle: Seamless Detection of Visually Similar Android Apps[EB/OL]. .
[10]	余丽芳,杨天长,牛少彰. 一种增强型Android组件间安全访问控制方案[J]. 信息网络安全,2016(8):54-60.
[11]	CHEN Wenzhi, XU Lei, LI Guoxi, et al.A Lightweight Virtualization Solution for Android Devices[J]. IEEE Transactions on Computers, 2015, 64(10): 2741-2751.
[12]	YANG Zhemin, YANG Min, ZHANG Yuan, et al. AppIntent: Analyzing Sensitive Data Transmission in Android for Privacy Leakage Detection[EB/OL]. .
[13]	REN Yunlong , LI Yue, YUAN Fangfang , et al. Hijacking Activity Technology Analysis and Research in Android System[EB/OL]. .

基于安全容器的Activity钓鱼劫持防御方案

A Defense Scheme for Activity Hijack Based on Safe Container

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 12

参考文献 13

相关文章 1

编辑推荐

Metrics

本文评价