透過您的圖書館登入 IP:3.137.198.183
透過您的圖書館登入
IP:3.137.198.183
  • 精確檢索 : 冠狀病毒
  • 模糊檢索 : 冠狀病毒
  • 冠狀病毒感染
    冠狀病毒疾病
  • 查詢出版品: 冠狀病毒
進階查詢
查詢歷史
主題瀏覽
  • 學位論文

預防第三方軟體對使用者過度請求授權之提醒機制

Warning Mechanism for Preventing over Privileged Applications from Third-Party

高宗永(Tzung-Yung Kao)
指導教授 : 郭斯彥
國立臺灣大學/電機資訊學院/電機工程學研究所/碩士(2013年)
https://doi.org/10.6342/NTU.2013.02952
全文下載

摘要

最近幾年智慧型裝置的成長速度遠超乎我們的想像,使用者透過手 持裝置進行的各種活動也越趨多元。大量的資源引發了行動裝置惡意 軟體的快速增加,有些惡意軟體會破解系統權限、濫用加值服務 如: 發送簡訊、購買軟體等。也有些軟體會大量發送廣告訊息或是竊取使 用者的各類資訊,對於注重個人隱私的使用者來說也是一種惡意行 為。在android系統中,應用程式要執行特定功能都必須要在安裝的時 候先取得相對應的授權。因此,透過確認應用程式請求的權限可以避 免許多的惡意軟體。 在本篇論文中,我們提出一個整合android應用程式和網路服務的系 統架構。同時,利用推薦演算法-協同過濾產生的推薦指數來達成我們 的提醒機制。推薦分數對使用者來說是很直覺且容易理解的方式。當 使用者覺得推薦程度低的時候可以檢視列出的權限表,重新考慮是否 要安裝。最後,以使用者的決定與推薦分數相近的程度來驗證我們系 統的功能性。

關鍵字

過度授權 第三方軟體 協同過濾 行動裝置 惡意軟體

並列摘要

Recently, smart mobile is increasing with a rapidly rate which is out of our expected. Diversity activities are also executed through the mobile de- vice. Potential market and numerous user data are the factors that accelerate the mobile malwares growth. Some malwares would root the device and abuse premium service e.g., send message, download pay app etc. Others deliver advertisement frequently or sending user’s information to their cloud server, such applications can also regard as a kind of malware. In android system, if application want to do any certain action, they must acquire the correspond authorization before installation. Thus, we can avoid many mal- wares by checking the appropriateness of request permissions. In this thesis, we proposed a framework that integrates android client ap- plication and the cloud API service. Meanwhile, our warning mechanism is achieved by utilizing the prediction value that is generated from adaption Collaborative filtering. The propose method has been examined through the degree of propinquity between actual decision and prediction.

並列關鍵字

Android Over Privileged Third-part Application Collaborative Filtering Mobile Malware

參考文獻

[4] Google I/O 2013. https://developers.google.com/events/io/.
[8] C. Davidsson and S. Moritz. Utilizing implicit feedback and context to recommend mobile applications from first use. In Proceedings of the 2011 Workshop on Context-awareness in Retrieval and Recommendation, pages 19–22. ACM, 2011.
[9] M. Shehab and S. Marouf. Recommendation models for open authorization. Dependable and Secure Computing, IEEE Transactions on, 9(4):583–596, 2012.
[11] M. Zheng, M. Sun, and J. C. Lui. Droidanalytics: A signature based analytic system tocollect, extract, analyze and associate android malware. arXiv preprint arXiv:1302.7212,2013.
[12]V.W.Zheng,Y.Zheng,X.Xie,andQ.Yang.Collaborativelocationandactivityrecommen-dations with gps history data. In Proceedings of the 19th international conference on Worldwide web, pages 1029–1038. ACM, 2010.

延伸閱讀

全文下載