摘要
随着移动终端设备的不断普及,越来越多的用户选择安装第三方应用软件以满足自己不同的需求。由于缺乏对应用软件合法性的辨别能力,大多数用户在不经意间安装了非法应用软件。非法应用软件通过修改合法应用软件的源码并在其中植入恶意代码后重新打包生成。修改他人应用软件的行为侵犯了原软件开发者的合法权益,同时其中包含的恶意代码会获取用户的信息,导致用户的隐私受到侵犯、财产受到损失。非法应用软件已经严重威胁到移动终端设备的安全。文章提出一种基于签名查验的判别技术,通过采集合法应用软件数字证书中的特征参数建立白名单库,将待测应用软件数字证书中对应的特征参数与白名单库中的数据进行比对,从而判定其合法性。实验结果表明,该技术检测速度快、准确率高,具有很强的实用性。
With the increasing popularity of mobile terminal devices, more and more users choose to install third-party application software to meet their different needs. Due to the lack of ability to discriminate against the legality of applications, most users have inadvertently installed illegal applications. Illegal application software is repackaged by modifying the source code of the legitimate application software and embedding malicious code in it. The modification of other people’s application software infringes the legitimate rights and interests of the original software developer, and the malicious code contained therein will obtain the user’s information, resulting in the user’s privacy violation and property loss. The illegal application software has seriously threatened the security of the mobile terminal device. This paper proposes a discriminant technology based on signature verification. The whitelist database is built by collecting the characteristic parameters in the digital certificate of the legal application software, and then the corresponding feature parameters in the digital certificate of the application software to be tested are compared with the data in the whitelist database to determine its legality. The experimental results show that the technology has high detection speed, high accuracy and strong practicability.
作者
李涛
时俊贤
胡爱群
LI Tao;SHI Junxian;HU Aiqun(School of Cyber Science and Engineering,Southeast University,Nanjing Jiangsu 210096,China)
出处
《信息网络安全》
CSCD
北大核心
2019年第11期56-62,共7页
Netinfo Security
基金
国家自然科学基金[61601113]
关键词
移动终端应用软件
合法性判别
数字证书
白名单
mobile terminal application software
legality discrimination
digital certificate
whitelist
