Abstract:Android applications may steal the user′s call conversation and ambient sound by means of recording.However,the security mechanism of current Android system based on privilege management can′t completely prevent the user′s private information from being stolen by malicious programs.In this paper,we propose a detecting tool called RecEye,it applies context-sensitive and flow-sensitive static analysis to detect whether the application has the possibility to eavesdrop.To evaluate the performance of RecEye,we downloaded 40,000+apps randomly from a variety of popular app stores for testing.The experimental results show that RecEye detected 3 true eavesdropping software,who are not marked as having hidden eavesdropping after being scanned by the mainstream Anti-Virus Software.Furthermore,we also analyzed nearly 10,000 malware samples,and RecEye′s accuracy statistics show an average of 6.52% false positive and 2% false negative and most of the software can be analyzed within 1 minute.
宋卫卫,杨哲慜,杨珉. RecEye:一种针对安卓窃听程序的检测方法[J]. 小型微型计算机系统, 2015, 36(6): 1276-1282.
SONG Wei-wei,YANG Zhe-min,YANG Min. RecEye:a Method to Detect Android Eavesdropping Application. Journal of Chinese Computer Systems, 2015, 36(6): 1276-1282.