基于静态程序分析的Android安全性

Proceedings of the 2017 Workshop on MobiSys 2017 Ph.D. Forum Pub Date : 2017-06-19 DOI:10.1145/3086467.3086469

Feng Shen

{"title":"基于静态程序分析的Android安全性","authors":"Feng Shen","doi":"10.1145/3086467.3086469","DOIUrl":null,"url":null,"abstract":"Android is a popular platform designed for mobile devices. It consists of a customized Linux kernel, middleware, and a few core applications such as the Phone application. The middleware, commonly referred to as the Android framework, provides libraries and runtime services to applications. Applications in Android are written mainly in Java. Once compiled, Android transforms its applications into the Dalvik Executable (or DEX) format to minimize the memory footprint. Android uses a Java VM called Dalvik to execute DEX bytecode. Unlike other mobile OSes, Android has a unique permission mechanism. At development time, an application developer needs to explicitly request permissions by including them in an application configuration file. We refer to this configuration file simply as the manifest invthe remainder of the paper. At installation time, each uservneeds to review the permissions that the application requestsvand explicitly grant them.","PeriodicalId":126435,"journal":{"name":"Proceedings of the 2017 Workshop on MobiSys 2017 Ph.D. Forum","volume":"88 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Android Security via Static Program Analysis\",\"authors\":\"Feng Shen\",\"doi\":\"10.1145/3086467.3086469\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Android is a popular platform designed for mobile devices. It consists of a customized Linux kernel, middleware, and a few core applications such as the Phone application. The middleware, commonly referred to as the Android framework, provides libraries and runtime services to applications. Applications in Android are written mainly in Java. Once compiled, Android transforms its applications into the Dalvik Executable (or DEX) format to minimize the memory footprint. Android uses a Java VM called Dalvik to execute DEX bytecode. Unlike other mobile OSes, Android has a unique permission mechanism. At development time, an application developer needs to explicitly request permissions by including them in an application configuration file. We refer to this configuration file simply as the manifest invthe remainder of the paper. At installation time, each uservneeds to review the permissions that the application requestsvand explicitly grant them.\",\"PeriodicalId\":126435,\"journal\":{\"name\":\"Proceedings of the 2017 Workshop on MobiSys 2017 Ph.D. Forum\",\"volume\":\"88 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-06-19\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 2017 Workshop on MobiSys 2017 Ph.D. Forum\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3086467.3086469\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2017 Workshop on MobiSys 2017 Ph.D. Forum","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3086467.3086469","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

摘要

Android是一个为移动设备设计的流行平台。它由定制的Linux内核、中间件和一些核心应用程序(如Phone应用程序)组成。中间件通常被称为Android框架，为应用程序提供库和运行时服务。Android中的应用程序主要是用Java编写的。一旦编译，Android将其应用程序转换为Dalvik可执行文件(或DEX)格式，以尽量减少内存占用。Android使用一个名为Dalvik的Java VM来执行DEX字节码。与其他移动操作系统不同，Android具有独特的权限机制。在开发时，应用程序开发人员需要通过在应用程序配置文件中包含权限来显式请求权限。在本文的其余部分中，我们将此配置文件简单地称为清单。在安装时，每个用户都需要检查应用程序请求的权限，并显式地授予它们。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Android Security via Static Program Analysis

Android is a popular platform designed for mobile devices. It consists of a customized Linux kernel, middleware, and a few core applications such as the Phone application. The middleware, commonly referred to as the Android framework, provides libraries and runtime services to applications. Applications in Android are written mainly in Java. Once compiled, Android transforms its applications into the Dalvik Executable (or DEX) format to minimize the memory footprint. Android uses a Java VM called Dalvik to execute DEX bytecode. Unlike other mobile OSes, Android has a unique permission mechanism. At development time, an application developer needs to explicitly request permissions by including them in an application configuration file. We refer to this configuration file simply as the manifest invthe remainder of the paper. At installation time, each uservneeds to review the permissions that the application requestsvand explicitly grant them.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the 2017 Workshop on MobiSys 2017 Ph.D. Forum

自引率

0.00%

发文量

期刊最新文献

Proceedings of the 2017 Workshop on MobiSys 2017 Ph.D. Forum Session details: Mobile Systems Session details: Wireless Communication and Security A Context-driven Energy Assessment for Energy-aware Development of Mobile Sensing Applications Toward Battery-free Smart Cameras