完整後設資料紀錄
DC 欄位語言
dc.contributor.author蘇修醇en_US
dc.contributor.authorSu, Hsiu-Tsunen_US
dc.contributor.author謝續平en_US
dc.contributor.authorShieh, Shiuh-Pyngen_US
dc.date.accessioned2014-12-12T01:52:05Z-
dc.date.available2014-12-12T01:52:05Z-
dc.date.issued2011en_US
dc.identifier.urihttp://140.113.39.130/cdrfb3/record/nctu/#GT079855568en_US
dc.identifier.urihttp://hdl.handle.net/11536/48303-
dc.description.abstractLookout Mobile Security(手機防毒公司)指出,Google Android Market上已超過50個以上的應用程式被發現遭注入DroidDream惡意程式,DroidDream送出大量敏感資料到遠端伺服器上,而它是第一個被發現到具有攻擊並利用Android作業系統漏洞能力的惡意程式。為了要準確分析malware,我們藉修改虛擬的ARM CPU,提出具有系統層、精確性的資訊流動追蹤能力的DroidTracking分析工具,以虛擬機器為基礎的DroidTracking可分析整個Android作業系統以了解關於竊取敏感資料的行為,不同於以往的分析工具, DroidTracking藉分析系統層的資訊可避免欲分析的資訊已遭受惡意程式所影響,再對系統物件做byte-level的分析可達到更精確的資訊流動追蹤。我們的實作包含追蹤GPS, IMEI, IMSI和ICC-ID,未來也將追蹤更多手機上的敏感資料,而實驗中,我們蒐集大量已被DroidDream感染的已知應用程式,並用DroidTracking做分析,可成功的偵測並證實被感染的應用程式正在竊取敏感資料的事實。zh_TW
dc.description.abstractA large number of Android applications injected with DroidDream malware have been found on the Google Android Market by Lookout Mobile Security. According to Lookout, DroidDream sends a variety of sensitive data to a remote server. It is the first malware that exploits vulnerabilities of the Android operating system (Android OS). To cope with the problem, we propose DroidTracking, a system-wide and fine-grained information flow tracking system with emulated ARM CPU. DroidTracking analyzes the entire Android OS to detect sensitive data stealing behaviors. Unlike the conventional operating system call tracking schemes, our VM-based, system-wide analysis can avoid malware interference, and its fine-grained information flow tracking supports accurate byte-level system objects analysis. DroidTracking has been implemented to track sensitive information leakage, such as GPS, IMEI, IMSI and ICC-ID. To evaluate the DroidTracking, we collected a number of popular Android applications infected with DroidDream. Our experiment showed that the infected applications’s behaviors of stealing sensitive data can be accurately identified and detected.en_US
dc.language.isoen_USen_US
dc.subject虛擬機器zh_TW
dc.subject資訊流動追蹤zh_TW
dc.subject資訊竊取zh_TW
dc.subject行動裝置zh_TW
dc.subjectAndroiden_US
dc.subjectAndroid Emulatoren_US
dc.subjectARMen_US
dc.subjectInformation Flowen_US
dc.subjectTainten_US
dc.subjectData Stealingen_US
dc.title藉系統層的資訊流動追蹤以偵測Android平台上竊取敏感資料的行為zh_TW
dc.titleDroidTracking : Detecting Sensitive Data Stealing on Android with System-Wide Information Flow Trackingen_US
dc.typeThesisen_US
dc.contributor.department資訊科學與工程研究所zh_TW
顯示於類別:畢業論文


文件中的檔案:

  1. 556802.pdf

若為 zip 檔案,請下載檔案解壓縮後,用瀏覽器開啟資料夾中的 index.html 瀏覽全文。