跳到主要內容

簡易檢索 / 詳目顯示

回結果列表
研究生: 林良軒
Liang-Hsuan Lin
論文名稱: AHA: An Event-Driven Solution to Activity Hijacking Attacks
指導教授: 許富皓
Fu-Hau Hsu
口試委員:
學位類別: 碩士
Master
系所名稱: 資訊電機學院 - 資訊工程學系
Department of Computer Science & Information Engineering
論文出版年: 2015
畢業學年度: 103
語文別: 英文
論文頁數: 39
中文關鍵詞: AndroidMalwareActivity HijackingView System
外文關鍵詞: Android, Malware, Activity Hijacking, View System
相關次數: 點閱:9下載:0
分享至:
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報

    •   隨著人們漸漸進入了無線通訊產品的時代,智慧型手機因為它的輕巧、便利以及行動運算能力的改良,大多數的人都選擇隨身攜帶智慧型手機來讓工作或者查詢資訊更加方便,使用者的個人資訊甚至是公司機密就會被保留在使用者的手機上面。因此攻擊者也漸漸將目標轉移到手機平台上,用以竊取個人資訊或者機密。
      近年來,Android系統中的Component Hijacking Attacks被廣泛的討論。當攻擊者主要針對Android元件中的Activity做挾持或者置換攻擊時,這種攻擊被稱為Activity Hijacking Attacks。可能造成的問題為影響應用程式正常功能,亦或者使使用者在不知情的情況,將個人資訊或者機密洩漏出去。
      在這篇論文中,著重在分析Activity Hijacking Attacks的行為,設計出一套防止攻擊者利用Activity Hijacking Attacks來竊取使用者的帳號密碼的機制-AHA。AHA 將會動態的分析系統中的Activity Manager,記錄目前整個系統所有Activities的運作狀況,佐以分析Activities的Layout、View System,比對是否有攻擊者想對於目前前景的Activity進行Activity Hijacking攻擊。一旦發現有此行為即會提醒使用者。

    In recent years, the Android Component Hijacking Vulnerabilities are widely discussed. This kind of vulnerabilities may cause tremendous problem in the system. If any of the Android Components has been hijacked, it may disclose user’s personal information or private data to the attacker. To be more precisely, those attacks will redirect or hijack the Android Component’s original workflow to malicious code or even to the extent that execute a malware.
    One of the Android Components is Activity, it construct the UI frames for the user. In this paper, we focus on Activity Hijacking Attacks. As the name implies, Activity Hijacking Attacks is to hijack the original activity workflow while users are using. We construct our solution in Android framework called AHA to keep track of every activity workflow and knowing the layout about the activity.
    Our solution AHA can stop the attack which using the Activity Hijacking Attacks to steal user’s personal information. Furthermore, AHA can easily patched into existing Android system and with ignorable overhead.

    中文摘要 I ABSTRACT II CONTENTS III LIST OF FIGURES V LIST OF TABLES VI CHAPTER 1 INTRODUCTION 1 1.1 THESIS MOTIVATION AND PURPOSE 2 1.2 THREAT DESCRIPTION 4 1.3 RESEARCH GOALS 5 1.4 CHAPTER ORGANIZATION 6 CHAPTER 2 BACKGROUND 7 2.1 ANDROID ARCHITECTURE 7 2.2 ANDROID COMPONENTS 12 2.3 WINDOW MANAGER 13 2.4 VIEW SYSTEM 14 2.5 ACTIVITY MANAGER SERVICE 15 CHAPTER 3 RELATED WORK 20 CHAPTER 4 SYSTEM DESIGN 22 5.1 DESIGN PRINCIPLES 22 5.2 SYSTEM OVERVIEW 23 5.3 ACTIVITYDETECTOR 24 5.4 TEXTVIEWFINDER 25 5.5 AHASERVICE 27 CHAPTER 5 EVALUATIONS 30 6.1 IMPLEMENTATION 31 6.2 PERFORMANCE 32 CHAPTER 6 CONCLUSIONS 35 REFERENCES 38

    [1] I. D. Corporation. Worldwide Quarterly Mobile Phone Tracker. Available: http://www.idc.com/getdoc.jsp?containerId=prUS25450615
    [2] Google Play. Available: https://play.google.com/store?hl=zh_TW
    [3] E. Owusu, J. Han, S. Das, A. Perrig, and J. Zhang, "ACCessory: password inference using accelerometers on smartphones," in Proceedings of the Twelfth Workshop on Mobile Computing Systems & Applications, 2012, p. 9.
    [4] C.-C. Lin, H. Li, X. Zhou, and X. Wang, "Screenmilker: How to milk your android screen for secrets," in 21st Annual Network and Distributed System Security Symposium (NDSS), San Diego, California, USA, 2014.
    [5] L. Cai and H. Chen, "TouchLogger: Inferring Keystrokes on Touch Screen from Smartphone Motion," in HotSec, 2011.
    [6] S. Schulte. TWSL2011-008: Focus Stealing Vulnerability in Android Available: https://www.trustwave.com/Resources/SpiderLabs-Blog/TWSL2011-008--Focus-Stealing-Vulnerability-in-Android/
    [7] Android Developer Reference, Fundamental Components. Available: http://developer.android.com/guide/components/fundamentals.html
    [8] L. Lu, Z. Li, Z. Wu, W. Lee, and G. Jiang, "Chex: statically vetting android apps for component hijacking vulnerabilities," in Proceedings of the 2012 ACM conference on Computer and communications security, 2012, pp. 229-240.
    [9] Q. A. Chen, Z. Qian, and Z. M. Mao, "Peeking into your app without actually seeing it: Ui state inference and novel android attacks," in Proceedings of the 23rd USENIX Security Symposium, 2014, pp. 1037-1052.
    [10] Android Developer Reference, ActivityManager. Available: http://developer.android.com/reference/android/app/ActivityManager.html
    [11] Android Developer Reference, View. Available: http://developer.android.com/reference/android/view/View.html
    [12] Android Developer Reference, WindowManager. Available: http://developer.android.com/reference/android/view/WindowManager.html
    [13] AnTuTu Benchmark. Available: http://www.antutu.com/index.shtml
    [14] Android Developer Reference, Surface. Available: http://developer.android.com/reference/android/view/Surface.html
    [15] E. Chin, A. P. Felt, K. Greenwood, and D. Wagner, "Analyzing inter-application communication in Android," in Proceedings of the 9th international conference on Mobile systems, applications, and services, 2011, pp. 239-252.
    [16] M. Zhang and H. Yin, "Appsealer: Automatic generation of vulnerability-specific patches for preventing component hijacking attacks in android applications," in Proceedings of the 21th Annual Network and Distributed System Security Symposium (NDSS 2014), 2014.
    [17] Android Developer Reference, Telephony.Mms. Available: http://developer.android.com/reference/android/provider/Telephony.Mms.html
    [18] Android Open Source Project. Available: https://source.android.com/

    QR CODE
    :::