使用指向分析的安卓库函数数据流摘要方法  被引量：1

作　　者：高颖慧 杨亚东 张源[1] 杨珉[1] GAO Ying-hui1, YANG Ya-dong2 ,ZHANG Yuan1, YANG Min1(1 Software School,Fudan University, Shanghai 201203, China; 2 Shanghai General Recognition Technology Research Institute, Shanghai 201100, China)

机构地区：[1]复旦大学软件学院,上海201203 [2]上海通用识别技术研究所,上海201100

出　　处：《小型微型计算机系统》2018年第4期686-693,共8页Journal of Chinese Computer Systems

基　　金：上海市青年科技英才扬帆计划项目(16YF1400800)资助;国家重点基础研究发展计划项目(2015CB358800)资助;国家自然科学基金项目(61602123;61602121;U1636204)资助;上海市科学技术委员会项目(15511103003)资助

摘　　要：为了精确地分析软件行为,静态数据流分析工具需要将数目众多、逻辑复杂的库函数一同分析,但这也引入了显著的分析开销.摘要通过对库函数的数据流进行建模可以有效避免对库函数的分析而不影响分析的效果.为了避免人工对库函数进行数据流建模,Stub Droid首次自动化地从库函数中提取数据流摘要并应用于静态分析工具中.本文发现Stub Droid的数据流摘要缺乏对库函数中指向信息建模,制约了数据流分析的精确度和覆盖率.因此,本文提出一种融合指针分析的摘要技术Point2Droid,自动化地对库函数中的指针指向信息进行摘要,并应用于静态污点分析工具中.实验表明,Point2Droid能在平均30s内为单个Java类生成摘要,摘要使得静态污点分析的效率大大提高,并且检测出了更多的隐私泄露路径.In order to accurately analyze software′s behavior,static data-flow analysis tools need to consider a large number of library code repeatedly from the analyzed applications,which will introduce significant analysis overhead.Summaries that modeling libraries′ data-flow can effectively avoid the repetitive analysis of library codes,without affecting the analysis accuracy.Different from manually building summaries,which is ineffective and error-prone,StubDroid was the first work to introduce automated summarization that can extract the data-flow summaries from library codes and apply to the static analysis tool for Android applications.This paper finds that data-flow summary of StubDroid lacks the modeling of points-to information in library,which limits the accuracy and coverage of data flow analysis.Therefore,this paper presents Points2Droid,a summary technique combined with points-to analysis,which automatically summarizes the pointer information in the library and applies it to the static taint analysis tool.Experiments show that Point2Droid can generate summary for a single Java class within an average of 30 seconds.The summaries with points-to information greatly improve the efficiency of static taint analysis and can be used to detect more privacy leaks in Android applications.

关 键 词：指向分析 摘要技术 库函数 静态数据流分析 

分 类 号：TP311[自动化与计算机技术—计算机软件与理论]