DroidFAR: An Anti-Obfuscation Method for Detecting Android Repackaged Application Based on Program Semantics

Cited by: 2


Authors: WANG Run; TANG Benxiao; WANG Lina [1,2]

Affiliations: [1] Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education, Wuhan University, Wuhan 430072, Hubei, China; [2] School of Cyber Science and Engineering, Wuhan University, Wuhan 430072, Hubei, China

Source: Journal of Wuhan University (Natural Science Edition), 2018, No. 5, pp. 407-414 (8 pages)

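Funding: Supported by the National Natural Science Foundation of China (U1536204) and the National High Technology Research and Development Program of China (863 Program) (2015AA016004)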

Abstract: To make repackaged-application detection on the Android platform both fast and accurate across large numbers of mobile applications while also resisting code obfuscation attacks, this paper proposes a program-semantics-based, obfuscation-resistant method for detecting repackaged applications. The method first performs coarse-grained detection: it abstracts each application's program dependency graph into program semantic features and computes the similarity between those features, which quickly identifies suspected repackaged applications. It then uses the program dependency graph itself as the application feature to perform accurate, fine-grained detection on the suspected repackaged applications. A prototype system, DroidFAR (Fast, Accurate and Robust), was designed and implemented based on this method. Experimental results show that the method achieves a detection accuracy of 95.1% with a false positive rate below 1.2%, and that it effectively resists code obfuscation attacks.

Keywords: repackaged application; code clone; program dependency graph; security and privacy

Classification code: TP309.1 [Automation and Computer Technology: Computer System Architecture]

 
