AppScan : Static mobile application behavior scanning on iOS executable
碩士 === 國立政治大學 === 資訊管理學系 === 105 === Mobile application is the most popular and dominant software applications nowadays, so the actual behaviors of the application and the related security and privacy issues become more and more important. On the other hand, as time goes by, there are more and more...
| Main Authors: | , |
|---|---|
| Other Authors: | |
| Format: | Others |
| Language: | en_US |
| Online Access: | http://ndltd.ncl.edu.tw/handle/9qyk35 |
| id |
ndltd-TW-105NCCU5396017 |
|---|---|
| record_format |
oai_dc |
| spelling |
ndltd-TW-105NCCU53960172019-05-15T23:25:04Z http://ndltd.ncl.edu.tw/handle/9qyk35 AppScan : Static mobile application behavior scanning on iOS executable AppScan:手機應用程式行為靜態偵測掃描-以iOS為例 Wang, Wei Ren 王韋仁 碩士 國立政治大學 資訊管理學系 105 Mobile application is the most popular and dominant software applications nowadays, so the actual behaviors of the application and the related security and privacy issues become more and more important. On the other hand, as time goes by, there are more and more applications on the AppStore stop to update or being abandoned but not removed from AppStore. However, the users know nothing about the lack of maintenance problems and still download and use it. In this research, we will resolve the issue for checking specific property method sequence within an application. By using IDApro to generate function call graph and the subroutine control flow graphs, we use syntax checking strategy to perform a across subroutines sequential checking solution. We will check the application behavior by predefining a property method sequence as pattern and then check with applications’. The analysis method can illustrate whether a property method sequence exists in the application which is available on App Store. This may help us to check some malicious behavior property method sequence or specific behavior method sequence (ex. using deprecated api methods) in the applications. We have prepared some property method sequence as our system input pattern extracted from all the available iOS SDK methods fetching by our web crawler. We will check whether an application contains the prepared method sequence or not. If the sequence exists in the application, we would record the method sequence call included in the subroutine within the application. Then the results data will be aggregated in our database, and export as api service for visualizing and statistic uses. Finally, we construct a call sequence analysis system for the above checking functions and show the result in a web service form Yu, Fang 郁方 學位論文 ; thesis 48 en_US |
| collection |
NDLTD |
| language |
en_US |
| format |
Others
|
| sources |
NDLTD |
| description |
碩士 === 國立政治大學 === 資訊管理學系 === 105 === Mobile application is the most popular and dominant software applications nowadays, so the actual behaviors of the application and the related security and privacy issues become more and more important. On the other hand, as time goes by, there are more and more applications on the AppStore stop to update or being abandoned but not removed from AppStore. However, the users know nothing about the lack of maintenance problems and still download and use it. In this research, we will resolve the issue for checking specific property method sequence within an application. By using IDApro to generate function call graph and the subroutine control flow graphs, we use syntax checking strategy to perform a across subroutines sequential checking solution. We will check the application behavior by predefining a property method sequence as pattern and then check with applications’. The analysis method can illustrate whether a property method sequence exists in the application which is available on App Store. This may help us to check some malicious behavior property method sequence or specific behavior method sequence (ex. using deprecated api methods) in the applications. We have prepared some property method sequence as our system input pattern extracted from all the available iOS SDK methods fetching by our web crawler. We will check whether an application contains the prepared method sequence or not. If the sequence exists in the application, we would record the method sequence call included in the subroutine within the application. Then the results data will be aggregated in our database, and export as api service for visualizing and statistic uses. Finally, we construct a call sequence analysis system for the above checking functions and show the result in a web service form
|
| author2 |
Yu, Fang |
| author_facet |
Yu, Fang Wang, Wei Ren 王韋仁 |
| author |
Wang, Wei Ren 王韋仁 |
| spellingShingle |
Wang, Wei Ren 王韋仁 AppScan : Static mobile application behavior scanning on iOS executable |
| author_sort |
Wang, Wei Ren |
| title |
AppScan : Static mobile application behavior scanning on iOS executable |
| title_short |
AppScan : Static mobile application behavior scanning on iOS executable |
| title_full |
AppScan : Static mobile application behavior scanning on iOS executable |
| title_fullStr |
AppScan : Static mobile application behavior scanning on iOS executable |
| title_full_unstemmed |
AppScan : Static mobile application behavior scanning on iOS executable |
| title_sort |
appscan : static mobile application behavior scanning on ios executable |
| url |
http://ndltd.ncl.edu.tw/handle/9qyk35 |
| work_keys_str_mv |
AT wangweiren appscanstaticmobileapplicationbehaviorscanningoniosexecutable AT wángwéirén appscanstaticmobileapplicationbehaviorscanningoniosexecutable AT wangweiren appscanshǒujīyīngyòngchéngshìxíngwèijìngtàizhēncèsǎomiáoyǐioswèilì AT wángwéirén appscanshǒujīyīngyòngchéngshìxíngwèijìngtàizhēncèsǎomiáoyǐioswèilì |
| _version_ |
1719148160282001408 |