- 个人中心
- 退出登录
浏览全部资源
扫码关注微信
- HOME
- ABOUT
- Acta Electronica Sinic About JournalPeer Review ProcessPublication EthicsContactSubscription
- Editorial Board Editorial Board
- Acta Electronica Sinic
- CONTENTS
- Issues Online FirstCurrent IssuePast Issues
- Articles Articles with DataMost Cited ArticlesMost Downloaded Articles
- Special Issues Special IssuesVirtual IssuesCall for Papers
- Issues
- RESOURCES
- Author Guide Manuscript SubmissionPeer Review ProcessProduction ProcessCopyright and LicensingAppeal & Withdraw
- For Guest Editors Proposing Special IssueManaging Special Issue
- Download Center
- Author Guide
A Whitelist Network Control Based on Android Kernel Driver
- ACTA ELECTRONICA SINICA Vol. 52, Issue 3, Pages: 967-976(2024)
- 作者机构:
1.西安理工大学计算机科学与工程学院,陕西西安 710048
2.西安交通大学网络空间安全学院,陕西西安710049
3.北京理工大学计算机学院,北京100081
- 作者简介:
- 基金信息:National Natural Science Foundation of China(62072037;U1936218)
DOI:10.12263/DZXB.20220611
CLC: TP391Received:27 May 2022,
Revised:2022-08-17,
Published:25 March 2024
- 稿件说明:
移动端阅览
杨易达,孙钦东,胡国星,等.基于Android内核驱动的白名单网络控制[J].电子学报,2024,52(03):967-976.
YANG Yi-da, SUN Qin-dong, HU Guo-xing, et al.A Whitelist Network Control Based on Android Kernel Driver[J].Acta Electronica Sinica, 2024, 52(03): 967-976.
杨易达,孙钦东,胡国星,等.基于Android内核驱动的白名单网络控制[J].电子学报,2024,52(03):967-976. DOI:10.12263/DZXB.20220611
YANG Yi-da, SUN Qin-dong, HU Guo-xing, et al.A Whitelist Network Control Based on Android Kernel Driver[J].Acta Electronica Sinica, 2024, 52(03): 967-976. DOI:10.12263/DZXB.20220611
摘要
Android系统是目前主流的移动终端操作系统之一,其数据泄露问题日益受到学术界的广泛关注.恶意应用窃取用户敏感数据后通过互联网发送扩散,从而对用户实施进一步侵害.Android系统中网络权限属于常规权限,应用无需用户授权即可联网发送数据.针对上述问题,本文提出了一种基于Android内核驱动程序的网络白名单网络控制方案,用户可以监控所有应用程序的网络使用状态,选择信任的应用加入白名单中,对白名单中的应用程序实行内核级签名验证,防止程序代码被非法篡改,从而构建安全可控的网络使用环境.本方案为应用和内核的通信构建了专用通道,以确保网络白名单管理权限不会被其他应用窃取,随后通过进程识别针对性地管控网络权限,在不影响正常应用功能的情况下实现权限管理.经过实验验证,本方案可以有效防止恶意应用利用互联网泄露用户隐私,网络管控成功率达到了100%.系统运行稳定,被管控应用启动时间最大增加33.1%,最小增加3.6%.
Abstract
Android system is one of the most popular mobile terminal operating systems at present
and its data leakage problem has been increasingly concerned by the academic community. Malwares steal users’ sensitive data and spread it over the Internet to harm users further. In the Android system
network permissions belong to common permissions
and applications can send data by internet without user authorization. To solve the above problems
this paper proposes a network whitelist scheme to control network based on Android kernel driver. Users can monitor the network usage status of all applications and select trusted applications to be added to the whitelist
and a kernel-level signature verification for applications in the whitelist is applied to prevent illegal tampering of execution code
thereby creating a safe and controllable network usage environment. A dedicated channel is constructed for the communication between applications and the kernel to ensure that the network whitelist management permissions are not acquired by other applications. Then
the network permissions are controlled through process identification to achieve permission management without affecting normal application functions. Through experimental verification
this scheme can effectively prevent malwares from using the Internet to leak users' privacy data
and the success rate of network control has reached 100%. The system runs stably and the startup time of controlled applications increases by a maximum of 33.1% and a minimum of 3.6%.
关键词
Keywords
references
贡知洲 , 路昭亮 . Android发展的分析与研究 [J ] . 价值工程 , 2013 , 32 ( 2 ): 185 - 186
GONG Z Z , LU Z L . Analysis and research of the android [J ] . Value Engineering , 2013 , 32 ( 2 ): 185 - 186 (in Chinese)
StatCounter . Mobile operating system market share worldwide [EB/OL ] . ( 2021-08-31 )[ 2022-04-27 ] . https://gs.statcounter.com/os-market-share/mobile/worldwide https://gs.statcounter.com/os-market-share/mobile/worldwide .
李鹏伟 , 姜宇谦 , 薛飞扬 , 等 . 一种基于深度学习的强对抗性Android恶意代码检测方法 [J ] . 电子学报 , 2020 , 48 ( 8 ): 1502 - 1508 .
LI P W , JIANG Y Q , XUE F Y , et al . A robust approach for android malware detection based on deep learning [J ] . Acta Electronica Sinica , 2020 , 48 ( 8 ): 1502 - 1508 . (in Chinese)
董超 , 杨超 , 马建峰 , 等 . Android系统中第三方登录漏洞与解决方案 [J ] . 计算机学报 , 2016 , 39 ( 3 ): 582 - 594 .
DONG C , YANG C , MA J F , et al . The vulnerabilities and solutions of third-party login services in android system [J ] . Chinese Journal of Computers , 2016 , 39 ( 3 ): 582 - 594 . (in Chinese)
XUE Y , ZHANG X S , YU X , et al . Isolating host environment by booting android from OTG devices [J ] . Chinese Journal of Electronics , 2018 , 27 ( 3 ): 617 - 624 .
ZIMPERIUM . Global-mobile-threat-report [EB/OL ] . ( 2022-03-21 )[ 2022-04-28 ] . https://www.zimperium.com/global-mobile-threat-report/ https://www.zimperium.com/global-mobile-threat-report/ .
CUI H L , SHAO S , NIU S Z , et al . Container-based privacy preserving scheme for android applications [J ] . Chinese Journal of Electronics , 2020 , 29 ( 4 ): 731 - 737 .
HU J L , LIANG J J , KUANG Y Z , et al . A user similarity-based Top- N recommendation approach for mobile in-application advertising [J ] . Expert Systems with Applications , 2018 , 111 : 51 - 60 .
SARACINO A , SGANDURRA D , DINI G , et al . MADAM: Effective and efficient behavior-based android malware detection and prevention [J ] . IEEE Transactions on Dependable and Secure Computing , 2018 , 15 ( 1 ): 83 - 97 .
ZHANG W , SU N N , NIU S Z , et al . A novel hotfix scheme for system vulnerability based on the android application layer [J ] . Chinese Journal of Electronics , 2019 , 28 ( 2 ): 408 - 415 .
Google . Android架构 [EB/OL ] . ( 2020-03-21 )[ 2022-04-15 ] . https://source.android.google.cn/devices/architecture?hl=zh-cn https://source.android.google.cn/devices/architecture?hl=zh-cn .
卿斯汉 . Android安全研究进展 [J ] . 软件学报 , 2016 , 27 ( 1 ): 45 - 71
QING S H . Research progress on android security [J ] . Journal of Software , 2016 , 27 ( 1 ): 45 - 71 (in Chinese)
庞振海 . 基于Android平台的双文件系统的设计与实现 [D ] . 北京 : 北京邮电大学 .
PANG Z H . Design and Implementation of Dual File System Based on Android Platform [D ] . Beijing : Beijing University of Posts and Telecommunications . (in Chinese)
Sinha N . Android-Based Driver Alert System for Accident Avoidance [M ] . Delhi : Springer , 2021 .
路子聪 , 徐开勇 , 郭松 , 等 . 基于ARM虚拟化扩展的Android内核动态度量方法 [J ] . 计算机应用 , 2018 , 38 ( 9 ): 2644 - 2649 .
LU Z C , XU K Y , GUO S , et al . Dynamic measurement of Android kernel based on ARM virtualization extension [J ] . Journal of Computer Applications , 2018 , 38 ( 9 ): 2644 - 2649 . (in Chinese)
谢剑 . 基于HTTP报文网络抓包软件的分析与设计 [J ] . 现代信息科技 , 2020 , 4 ( 22 ): 20 - 22 .
XIE J . Analysis and design of network packet capture software based on HTTP message [J ] . Modern Informationn Technology , 2020 , 4 ( 22 ): 20 - 22 . (in Chinese)
MAJIDHA FATHIMA K M , SANTHIYAKUMARI N . A survey on network packet inspection and ARP poisoning using wireshark and ettercap [C ] // 2021 International Conference on Artificial Intelligence and Smart Systems (ICAIS) . Piscataway : IEEE , 2021 : 1136 - 1141 .
GUAN X J , MA Y Y , SHAO Z P , et al . Design and application of concurrent test scheme for heartbeat message of mobile terminal based on Tcpdump and LoadRunner [C ] // 2020 IEEE 10th International Conference on Electronics Information and Emergency Communication (ICEIEC) . Piscataway : IEEE , 2020 : 232 - 235 .
0
Views
12
下载量
0
CSCD
- L-PDFDownload
- Meta-XMLDownload
- BibTeXDownload
- EndnoteDownload
- RefMan Download
- NoteExpressDownload
- NoteFirstDownload
Publicity Resources
Related Articles
Related Author
Related Institution
- Technical support is provided by Beijing Founder electronics co., LTD 京ICP备09064830号-19
京公网安备11010802024621 - It is recommended to read the content of this site in Chrome&IE9+. Please switch to extreme mode in browser 360.
- Cookies We use cookies to help provide and enhance our service and tailor content. By continuing, you agree to the use of cookies.