可以监控应用程序的安全吗?

发布于 2024-12-08 16:18:45 字数 422 浏览 6 评论 0原文

我和一位同事正在谈论(以某种方式)我读过的文章(HTC 权限安全风险)。基本上,争论归结为是否可以记录应用程序正在执行的每个操作。然后有人(一个抽象的理论人)会检查并查看该应用程序是否正在做它应该做的事情,而不是试图充满恶意。

我已经用 Android 编程一年了,据我所知 - if - 这是否可能,你必须破解 Dalvik 并输出什么每个流程都在做。即使你要这样做,我认为这也是完全无法解读的,因为每个进程正在做的事情非常多。

我可以通过一种方式或另一种方式获得一些输入吗?尝试记录外国应用程序正在做什么是完全不切实际的吗?

A coworker and I were talking (after a fashion) about an article I read (HTC permission security risk). Basically, the argument came down to whether or not it was possible to log every action that an application was doing. Then someone (an abstract theroetical person) would go through and see if the app was doing what it was supposed to do and not trying to be all malicious like.

I have been programming in Android for a year now, and as far as I know if -- if -- that was possible, you would have to hack Dalvik and output what each process was doing. Even if you were to do that, I think it would be completely indecipherable because of the sheer amount of stuff each process was doing.

Can I get some input one way or the other? Is it completely impractical to even attempt to log what a foriegn application is doing?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

半暖夏伤 2024-12-15 16:18:45

我已经用 Android 编程一年了,据我所知,如果——如果——这可能的话,你将不得不破解 Dalvik 并输出每个进程正在做什么。

与其说是“破解 Dalvik”,不如说是“破解 android.* 类库,也许还有其他一些东西(例如,java.net)。

即使您要这样做,我认为它也将完全无法解读,因为每个进程正在做的事情数量巨大。

如果您已经确定了不适当操作的模式,您也许可以对输出进行一些奇特的模式匹配或某些操作。当然,还有一个小问题,即必须手动测试应用程序(以生成输出)。

尝试记录外国应用程序正在做什么是完全不切实际的吗?

来自 SDK 应用程序?我真希望如此。

来自运行经过上述更改的修改固件的设备?我想说这是不切实际的,除非你有一个相当规模的开发团队,在这一点上它只是昂贵的。

I have been programming in Android for a year now, and as far as I know if -- if -- that was possible, you would have to hack Dalvik and output what each process was doing.

Not so much "hack Dalvik" but "hack the android.* class library, and perhaps a few other things (e.g., java.net).

Even if you were to do that, I think it would be completely indecipherable because of the sheer amount of stuff each process was doing.

You might be able to do some fancy pattern matching or something on the output -- given that you have determined patterns of inappropriate actions. Of course, there is also the small matter of having to manually test the app (to generate the output).

Is it completely impractical to even attempt to log what a foriegn application is doing?

From an SDK app? I damn well hope so.

From a device running a modded firmware with the aforementioned changes? I'd say it is impractical unless you have a fairly decent-sized development team, at which point it is merely expensive.

她比我温柔 2024-12-15 16:18:45

如果您正在编译自己的 ROM,那么这是可能且实用的。 Android 基于 Linux,我知道几个类似的 Linux 项目,例如 Linux Trace Toolkit。我还知道有关可视化结果并从结果中检测恶意应用程序的研究。

此类功能经常用于的另一件事是性能和可靠性监控。您可以阅读 Solaris 中的 DTRACE 功能,以了解有关此类内容如何在商业而非学术界使用的更多信息。

This is both possible and practical if you are compiling your own ROM. Android is based on Linux and I know several projects like this for Linux, like Linux Trace Toolkit. I also know of research into visualizing the results and detecting malicious apps from the results as well.

Another thing functionality like this is often used for is performance and reliability monitoring. You can read about the DTRACE functionality in Solaris to learn more about how this sort of stuff is used in business rather than academia.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文