Application Security Reinforcement Scheme Based on Intent Filter

doi:10.3969/j.issn.1671-1122.2017.11.011

Abstract

Abstract:

Intent test is an important part before the release of Android applications, when the test case coverage is incomplete, the potential risk will stay in the application. This paper proposes a self-learning Intent filtering reinforcement scheme based on decision tree to extract filtering rules for the potential risks, which caused by the application without comprehensive and effective security verification of Intent communication. There is no need to modify the source or installation package, just to place the application in a safe container designed in this article. The scheme uses the decision tree algorithm to intercept the Intent attack with high similarity, and protect the application of the runtime from malicious Intent. At the same time, the algorithm has the ability of self-learning, according to the running state of current application, it can construct decision tree and generate filtering rules to adapt to the new environmental changes. The experimental results show that the reinforcement scheme can provide effective security for Intent communication, and it has little effect on the speed and efficiency of the application itself, so that the developers can only focus on their own business logic without worrying about the security problems related to Intent communication.

Key words: Android system, Intent test, decision trees, reinforcement, filter

CLC Number:

TP309.1

Debing LU, Haoliang CUI, Wen ZHANG, Shaozhang NIU. Application Security Reinforcement Scheme Based on Intent Filter[J]. Netinfo Security, 2017, 17(11): 67-73.

Figures/Tables 11

References 17

[1]	IDC. Smartphone OS Market Share, 2017 Q1[EB/OL]. , 2017-5-11.
[2]	CHAN P P F, HUI L C K, YIU S M. DroidChecker: Analyzing Android Applications for Capability Leak[EB/OL]. , 2012-4-16.
[3]	李汶洋. Android操作系统恶意软件检测技术研究[J].信息网络安全,2015(9):62-65.
[4]	AVANCINI A, CECCATO M. Security Testing of the Communication among Android Applications[EB/OL]. , 2013-5-18.
[5]	YE Hui, CHENG Shaoying, ZHANG Lanbo, et,al. DroidFuzzer: Fuzzing the Android Apps with Intent-filter Tag[EB/OL]. , 2013-12-2.
[6]	KO M,CHOI K, CHANG B M.A Runtime Inspection Technique with Intent Specification for Developing Robust Android Apps[J]. Journal of KIISE, 2016,43(2), 212-221.
[7]	贾同彬,蔡阳,王跃武,等. 一种面向普通用户的Android APP安全性动态分析方法研究[J]. 信息网络安全,2015(9):1-5.
[8]	CHIN E, FELT A P, GREENWOOD K, et al. Analyzing Inter-application Communication in Android[EB/OL]. , 2011-6-28.
[9]	余丽芳,杨天长,牛少彰 . 一种增强型Android组件间安全访问控制方案[J]. 信息网络安全,2016(8):54-60.
[10]	ASLAM H A S. Inter-Application Communication Testing of Android Applications Using Intent Fuzzing[EB/OL]. , 2014-6-24.
[11]	赵光泽,李晖,孟杨. Android平台WebView组件安全及应用加固研究[J]. 信息网络安全,2015(10):61-65.
[12]	HIRANO T, HATTORI M, ITO T, et al. Homomorphic Encryption Based Cancelable Biometrics Secure against Replay and Its Related Attack[EB/OL]. , 2012-10-28.
[13]	SASNAUSKAS R, REGEHR J. Intent Fuzzer: Crafting Intents of Death[EB/OL]. , 2014-7-22.
[14]	BANGA G, DRUSCHEL P, MOGUL J C. Resource Containers: a New Facility for Resource Management in Server Systems[EB/OL]. , 1999-2-22.
[15]	LIU Xiaohu, LI Sheng.An Optimized Algorithm of Decision Tree[J]. Journal of Software, 1998, 9(10):797-800.
[16]	THAKUR D, MARKANDAIAH N, RAJ D S. Re Optimization of ID3 and C4.5 Decision Tree[EB/OL]. , 2010-9-17.
[17]	SOLTESZ S, P¨oTZL H, FIUCZYNSKI M E , et al. Container-based Operating System Virtualization: a Scalable, High-performance Alternative to Hypervisors[J]. Acm Sigops Operating Systems Review, 2007, 41(3):275-287.