[1] |
Android captured 79% share of global smartphone shipments in 2013 [EB/OL].[20140516].http://blogs.strategyanalytics.com/WSS/post/2014/01/29/AndroidCaptured79ShareofGlobalSmartphoneShipmentsin2013.aspx.
|
[2] |
Felt A P,Chin E,Hanna S,et al.Android permissions demystified[C]∥Proc of the 18th ACM Conference on Computer and Communications Security, 2011:627638.
|
[3] |
Felt A P,Egelman S, Finifter M. et al. How to ask for permission[C]∥Proc of HotSec’12, 2012:1.
|
[4] |
Au K W Y,Zhou Y F,Huang Z,et al.Pscout:Analyzing the Android permission specification[C]∥Proc of the 2012 ACM Conference on Computer and Communications Security, 2012:217228.
|
[5] |
Bartel A, Klein J, Le Traon Y, et al. Automatically securing permissionbased software by reducing the attack surface:An application to Android[C]∥Proc of the 27th IEEE/ACM International Conference on Automated Software Engineering, 2012:274277.
|
[6] |
Vidas T, Christin N, Cranor L. Curbing Android permission creep[C]∥Proc of the Web 2.0 Security and Privacy 2011, 2011:1.
|
[7] |
Wei X, Gomez L, Neamtiu I, et al. Permission evolution in the Android ecosystem[C]∥Proc of the 28th Annual Computer Security Applications Conference, 2012:3140.
|
[8] |
Yang Bo, Tang Zhushou, Zhu Haojin, et al. Method of Android applications permission detection based on static dataflow analysis[J]. Computer Science, 2012, 39(11A):1618.(in Chinese)
|
[9] |
Enck W, Ongtang M, McDaniel P. On lightweight mobile phone application certification[C]∥Proc of the 16th ACM Conference on Computer and Communications Security, 2009:235245.
|
[10] |
Barrera D, Kayacik H G, van Oorschot P C, et al. A methodology for empirical analysis of permissionbased security models and its application to Android[C]∥Proc of the 17th ACM conference on Computer and Communications Security, 2010:7384.
|
[11] |
Peng H, Gates C, Sarma B, et al. Using probabilistic generative models for ranking risks of Android apps[C]∥Proc of the 2012 ACM Conference on Computer and Communications Security, 2012:241252.
|
[12] |
Pearce P, Felt A P, Nunez G, et al. AdDroid:Privilege separation for applications and advertisers in Android[C]∥Proc of the 7th ACM Symposium on Information, Computer and Communications Security, 2012:7172.
|
[13] |
Zhang Y, Yang M, Xu B, et al. Vetting undesirable behaviors in Android apps with permission use analysis[C]∥Proc of the 2013 ACM SIGSAC Conference on Computer & Communications Security, 2013:611622.
|
[14] |
Yang Huan, Zhang Yuqing, Hu Yupu, et al. A malware behavior detection system of Android applications based on multiclass features[J]. Chinese Journal of Computers, 2014, 37(1):1527.(in Chinese)
|
[15] |
Zhang Rui, Yang Jiyun. Android malware detection based on permission correlation[J]. Journal of Computer Applications, 2014, 34(5):13221325.(in Chinese)
|
[16] |
Nauman M,Khan S,Zhang X.Apex:Extending Android permission model and enforcement with userdefined runtime constraints[C]∥Proc of the 5th ACM Symposium on Information, Computer and Communications Security, 2010:328332.
|
[17] |
Bao Kejin, Peng Zhao. An extended Android application permission management model[J]. Computer Engineering , 2012, 38(18):5760.(in Chinese)
|
[18] |
Xu R, Sadi H, Anderson R. Aurasium:Practical policy enforcement for Android applications[C]∥Proc of the 21st USENIX Conference on Security Symposium, 2012:27.
|
[19] |
Livshits B, Jung J. Automatic mediation of privacysensitive resource access in smartphone applications[C]∥Proc of the 22nd USENIX Security Symposium, 2013:113130.
|
[20] |
Smalley S, Craig R. Security enhanced (se) Android:Bringing flexible MAC to Android[C]∥Proc of the 20th Annual Network and Distributed System Security Symposium (NDSS’13), 2013:1.
|
[21] |
Bugiel S, Heuser S, Sadeghi A R. Flexible and finegrained mandatory access control on Android for diverse security and privacy policies[C]∥Proc of the 22nd USENIX Security Symposium (USENIX Security’13), 2013:131146.
|
[22] |
Bugiel S,Davi L,Dmitrienko A,et al.Practical and lightweight domain isolation on Android[C]∥Proc of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, 2011:5162.
|
[23] |
Ongtang M, McLaughlin S, Enck W, et al. Semantically rich applicationcentric security in Android[J]. Security and Communication Networks, 2012, 5(6):658673.
|
[24] |
Tang Wei.Research and improvement on Android framwork’s security enforcement[D]. Ningbo:Ningbo University, 2011. (in Chinese)
|
[25] |
Smali [EB/OL].[20140516]. https://code.google.com/p/smali/.
|
[26] |
axml [EB/OL].[20140516]. https://code.google.com/p/axml/.
|
[27] |
Google Play[EB/OL].[20140516]. https://play.google.com/store.
|
|
附中文参考文献:
|
[8] |
杨博, 唐祝寿, 朱浩谨, 等. 基于静态数据流分析的Android应用权限检测方法[J]. 计算机科学,2012, 39(11A):1618.
|
[14] |
杨欢, 张玉清, 胡予濮, 等. 基于多类特征的Android应用恶意行为检测系统[J]. 计算机学报, 2014, 37(1):1527.
|
[15] |
张锐, 杨吉云. 基于权限相关性的Android恶意软件检测[J]. 计算机应用, 2014, 34(5):13221325.
|
[17] |
鲍可进, 彭钊. 一种扩展的Android应用权限管理模型[J]. 计算机工程,2012, 38(18):5760.
|
[24] |
汤伟. Android应用程序框架安全机制研究及改进[D].宁波:宁波大学, 2011.
|