Title: Preventing Fraudulent Permission Usage with Dynamic Information Flow Tracking
Authors: 曾子建
Tseng, Tzu-Chien
陈荣杰
Chen, Rong-Jaye
Institute of Network Engineering
Keywords: Android; Intents; Inter-component communication; Mobile Security
Publication date: 2011
Abstract: Because Android applications collaborate frequently, the security of inter-component communication is important. Recently, Fraudulent Permission Usage has become a serious threat: an application can transitively gain permissions it does not hold in order to perform malicious behaviors. Previous work on vulnerability analysis, manifest-based access control, and even inter-application communication inspection cannot fully solve the problem, because it lacks the ability to identify the origin of the call chain. In this paper, we propose a novel Fraudulent Permission Usage Prevention scheme (FPUP) that uses Dynamic Information Flow Tracking (DIFT) to recognize the source of an intent, that is, the origin of the call chain, and so performs fine-grained access control. With this recognition ability, we can intervene in the inter-component communication (ICC) procedure and ensure that no communication violates the mandatory access control mechanism, which defends against Fraudulent Permission Usage. The role-based access control (RBAC) model is also used to evaluate correctness. In our performance evaluation, we show that our work does not generate heavy overhead when handling each ICC.
URI: http://140.113.39.130/cdrfb3/record/nctu/#GT079956549
http://hdl.handle.net/11536/50581
Appears in collection: Thesis