Android应用跨语言安全性分析
首发时间:2020-05-29
摘要:Android应用市场会在每个应用上架前对其进行各种安全性检测,用以预测其潜在危害性。由于目前静态分析工具几乎都只能检测Java层的恶意行为,越来越多的有害软件开始将恶意行为放入Native代码中,以此规避静态检测。作为针对以上情况的解决思路,本文定义了一个新的研究方向--Android应用跨语言安全性分析,并对其涉及的每类技术以及各技术目前的研究成果进行了归纳总结,如Java层静态分析技术、Native层二进制分析技术、Java-Native穿透技术等。
关键词: 计算机软件与理论 Android 移动安全 静态分析 二进制分析 数据流分析 跨语言
For information in English, please click here
Inter-language Static Analysis for Android Application Security
Abstract:The Android application market will conduct various security analysis on each application to predict its potential harm before put it online. Since almost all the static analysis tools can only detect malicious behaviors in the Java layer, more and more malwares try to avoid static analysis by taking the malicious codes to the Native layer. As a solution to the above situation, there\'s a new research aspect proposed in this paper and defined as Inter-language Static Analysis. As all the involved technologies are introduced, the current research results of them will be captured in this paper, such as static analysis in Java layer, binary analysis in Native layer, Java-Native penetration technology, etc.
Keywords: Computer Software and Theory Android Mobile Security Static Analysis Binary Analysis Data-flow Analysis Inter-language
基金:
引用
No.****
动态公开评议
共计0人参与
勘误表
Android应用跨语言安全性分析
评论
全部评论0/1000