《计算机应用研究》|Application Research of Computers

一种用于Android应用的反控制混淆系统

Deobfuscation system for Android applications

免费全文下载 (已被下载 次)  
获取PDF全文
作者 曹宏盛,焦健,李登辉
机构 北京信息科技大学 计算机学院,北京 100101
统计 摘要被查看 次,已被下载
文章编号 1001-3695(2019)05-055-1544-05
DOI 10.19734/j.issn.1001-3695.2017.12.0759
摘要 Android恶意软件中的控制混淆技术,可以增加传统Android应用软件执行路径检测的难度,是目前代码静态分析的主要困难之一。针对该问题进行了研究,并设计系统DOCFDroid用于解决此问题。该系统在预处理阶段获取CFG关系矩阵,使用深度优先查找待分析路径集合;依据用户给定的源点集合和终节点集合得到粗糙路径;然后采用权重筛选的算法,可以有效地获取目标路径集合。在实验阶段以DroidBench 1.2为基础构建测试样本集,验证该方法的有效性。实验结果表明,该方法能有效抵抗控制流混淆带来的干扰,目标路径识别率可达95.31%。
关键词 反控制混淆; Android; 控制混淆; 路径查找
基金项目 网络文化与传播重点实验室—开放课题资助项目(ICDDXN001)
中央引导地方科技发展专项资助项目(Z171100004717002)
本文URL http://www.arocmag.com/article/01-2019-05-055.html
英文标题 Deobfuscation system for Android applications
作者英文名 Cao Hongsheng, Jiao Jian, Li Denghui
机构英文名 School of Computer,Beijing Information Science & Technology University,Beijing 100101,China
英文摘要 Control obfuscation can greatly increase the difficulty on detecting implementation path of Android application, and also is the one of the main difficulties on current code static analysis. This article researched this question and designed a system DOCFDroid used to solve this problem. The system obtained the CFG relation matrix in the pretreatment stage, and used the depth-first algorithm to find the set of the path. According to the set of source points and the set of end points, it obtained the coarse path. The algorithm of weight screening could effectively obtain the target path set. Based on the sample set DroidBench 1.2, it further constructed the test sample set to verify the validity of this method. The experimental results show that the system can effectively resist the interference caused by control obfuscation, and the recognition rate of target path can reach 95.31%.
英文关键词 control flow deobfuscation; Android; control flow obfuscation; path detection
参考文献 查看稿件参考文献
 
收稿日期 2017/12/4
修回日期 2018/1/30
页码 1544-1548
中图分类号 TP309.1
文献标志码 A