CRAT: 行動程式碼審閱輔助工具

标题:	CRAT: 行动程式码审阅辅助工具 CRAT: Code Review Assistant Tool for Mobile Operating Systems – FxOS as an example
作者:	张瀚中 CHANG, HANG-CHUNG 黄育纶 Huang, Yu-Lun 电机工程学系
关键字:	手机安全;入侵侦测系统;Mobile security;Intrusion Detection System (IDS)
公开日期:	2015
摘要:	近年来，由于行动装置的功能和便利性的提升，使用者日趋增加，愈来愈多有价值的资料也储存在行动装置上。相对地，导致行动装置被攻击的风险也因此而提高许多。因此如何提升行动装置的安全性已是不可避免的重要课题，其中主要的攻击来源之一就是行动装置的软体（app）。攻击者上传异常app到app商店供使用者下载;一旦使用者启动该app，行动装置就可能会遭到泄漏个资或功能瘫痪等攻击。因此，提升行动装置安全性的直接作法，就是在每个app上线前都经过审慎的审阅。但是，我们曾提交一支异常app给审阅者，审阅后，却获得上架许可。这件事显示恶意码不易在审阅过程中被侦测出来。为了提升行动装置的安全性，以及减轻app审阅者的负担，我们提出CRAT想协助审阅者更安全、更有效率的审阅app。我们在CRAT中重新设计K-means classification（取名为K'-means classification）来侦测异常app。K'-means classification分为两阶段:Training和Testing。在Training阶段，我们把已知的正常app分成数个类别，并建立分类模型。在Testing阶段，利用分类模型审阅待审app（即app under review）。假如此app不属于任何一个正常类别，则此app会被认定为异常app。最后，我们在FxOS的手机上实作CRAT，并评估CRAT的效能。我们的实验数据显示，CRAT可以准确地分辨出正常或异常的app（准确率高达9成以上），并且在极短时间内完成app的分类和审阅。60000支app的分类模型的建置时间仅需约0.2秒。实验结果显示CRAT可以有效地提升行动装置的安全性和app审阅效率。 Recently, mobile technologies grow rapidly, more and more valuable personal information is stored on the mobile devices. This leads to a raising risk of mobile devices. One of the major attacks is from the anomalous mobile apps. Attackers exploit the vulnerabilities of mobile apps and launch attacks to the mobile devices. These attacks may cause the system crash or leakage of personal information. To improve the security of a mobile device, mobile apps must be carefully reviewed before they can be pushed to a marketplace. However, when we submitted an anomalous app, which uses up extremely high cycles, to an app reviewer, the reviewer approved the app after couple days. This means it is not easy for an app reviewer to review every line of an app. In the thesis, we propose CRAT to help an app reviewer vetting mobile app. We revise the K-means classification (called K'-means classification) to better detect anomaly apps which can cause DoS attacks (CPU, memory, network I/O). We classify normal apps into groups using K'-means classification and test the app under review with these groups. Three experiments are designed for evaluating the accuracy and performance of CRAT. The results show CRAT can detect anomalies with an accuracy of 90\% or above. And the classification and detection process can be done in a short time; 60000 normal apps can be classified within 0.2 seconds.
URI:	http://140.113.39.130/cdrfb3/record/nctu/#GT070350720 http://hdl.handle.net/11536/126479
显示于类别：	Thesis

APA	张., CHANG, H., 黄., & Huang, Y. (2015). CRAT: 行动程式码审阅辅助工具. http://hdl.handle.net/11536/126479.
Bibtex	@article{张瀚中 and CHANG2015CRAT:, title={CRAT: 行动程式码审阅辅助工具}, author={张瀚中 and CHANG, HANG-CHUNG and 黄育纶 and Huang, Yu-Lun}, journal={http://hdl.handle.net/11536/126479}, year={2015}, url={https://ir.lib.nycu.edu.tw/handle/11536/126479?locale=zh_CN}, }