吴姝,周安民,左政.PDiOS:iOS应用程序中私有API的调用检测[J].计算机科学,2018,45(4):163-168
PDiOS:iOS应用程序中私有API的调用检测
PDiOS:Private API Call Detection in iOS Applications
投稿时间:2017-08-21  修订日期:2017-09-13
DOI:10.11896/j.issn.1002-137X.2018.04.027
中文关键词:  私有API,应用程序审查,反向分片,常量传播,强制执行
英文关键词:Private application programming interface,Application vetting,Backward slicing,Constant propagation,Forced execution
基金项目:
作者单位E-mail
吴姝 四川大学电子信息学院 成都610065  
周安民 四川大学电子信息学院 成都610065 2871669252@qq.com 
左政 四川大学电子信息学院 成都610065  
摘要点击次数: 322
全文下载次数: 200
中文摘要:
      苹果公司对App Store上的每一款应用程序都进行了审核,包括是否存在访问用户敏感信息的私有API调用,但是仍有恶意应用通过了该项审查。针对iOS应用程序中私有API的调用问题,提出了一种动、静态相结合的检测技术PDiOS。通过反向分片和常量传播的静态分析方式来处理大部分API调用,基于强制执行的动态迭代分析来处理剩余API。静态分析包含了对二进制文件的全面分析以及对资源文件中隐式调用的处理,动态分析主要依赖于二进制动态分析框架进行迭代分析。最后通过对比公开头文件中的API来确定私有API的调用。在对官方商店的1012款应用程序的检测中,确认有82款应用程序存在共128个不同的私有API调用。在对企业证书签名的32款应用程序的检测中,确认有26款使用了私有API调用。
英文摘要:
      Apple has reviewed every application in App Store,including private application programming interface(API) calls,but some malicious applications still escape from the review.Aiming at the private API call in iOS application,a detection technique combining dynamic and static analysis was proposed.Most of the API call sites were processed by static analysis of backward slicing and constant propagation,and the remaining APIs are dealt with by dynamic iterative analysis based on enforcement.Static analysis includes a comprehensive analysis of the binary file and the implicit call analysis in the resource file processing.Dynamic analysis mainly depends on the binary dynamic analysis framework for iterative analysis.Finally,the existence of private API is determined by comparing the API in the public header file.There are 82 applications with 128 different private API calls during the testing of 1012 applications in App Store,and 26 applications are sure to use private API calls in the 32 applications signed by the enterprise certificate.
查看全文  查看/发表评论  下载PDF阅读器