[1]王研昊,马媛媛,杨明,等.基于隐性标识符的零权限Android智能终端识别[J].东南大学学报(自然科学版),2015,45(6):1046-1050.[doi:10.3969/j.issn.1001-0505.2015.06.004]
 Wang Yanhao,Ma Yuanyuan,Yang Ming,et al.Zero permission Android device identification based on implicit identifiers[J].Journal of Southeast University (Natural Science Edition),2015,45(6):1046-1050.[doi:10.3969/j.issn.1001-0505.2015.06.004]
点击复制

基于隐性标识符的零权限Android智能终端识别()
分享到:

《东南大学学报(自然科学版)》[ISSN:1001-0505/CN:32-1178/N]

卷:
45
期数:
2015年第6期
页码:
1046-1050
栏目:
计算机科学与工程
出版日期:
2015-11-20

文章信息/Info

Title:
Zero permission Android device identification based on implicit identifiers
作者:
王研昊1马媛媛2杨明1罗军舟1
1东南大学计算机科学与工程学院, 南京 211189; 2国网智能电网研究院, 南京 211106
Author(s):
Wang Yanhao1 Ma Yuanyuan2 Yang Ming1 Luo Junzhou1
1School of Computer Science and Engineering, Southeast University, Nanjing 211189, China
2State Grid Smart Grid Research Institute, Nanjing 211106, China
关键词:
Android系统 智能终端识别 隐性标识符 指纹匹配算法
Keywords:
Android system device identification implicit identifiers fingerprint matching algorithm
分类号:
TP311
DOI:
10.3969/j.issn.1001-0505.2015.06.004
摘要:
针对现有Android智能终端识别直接利用IMEI,Android_ID等显性标识符存在依赖敏感权限和易失效的问题,提出了一种基于隐性标识符组合的零权限设备识别方法.通过调用系统API并执行Linux Shell命令,从物理层、应用层以及用户层3个层次上获取设备型号、屏幕信息、内核编译信息、User Agent、系统语言、字体大小、字体列表、用户安装程序列表等8个隐性标识符,并将其组合形成设备指纹.然后,提出了指纹精确匹配算法和变化指纹关联匹配算法,用于仅1个隐性标识符发生变化且变化前后相似程度大于0.85时的设备关联识别.通过采集真实用户数据进行实验验证,结果表明所提算法的设备识别准确率达到94.52%.
Abstract:
In the current technologies of Android device identification, explicit identifiers are usually adopted, such as IMEI(international mobile equipment identity)and Android_ID, which depend on sensitive permissions and are liable to fail. To solve these problems, a zero permission device identification method based on the implicit identifier group is proposed. From the physic layer, the application layer and the user layer, eight implicit identifiers including device type, screen information, kernel compile information, user agent, system language, font size, font list and user installed package list are obtained by calling system API(application programming interface)and executing Linux Shell commands. These eight implicit identifiers are combined to form the device fingerprint. Then, the corresponding fingerprint exact matching algorithm and the changing fingerprint associated matching algorithm are proposed, which can be applied to device related identification when only one implicit identifier changes and the similarity ratio is above 0.85 before and after the change. Finally, the experimental verification is carried out based on the real user data, and the results show that the device identification accuracy rate of the proposed algorithm can reach 94.52%.

参考文献/References:

[1] IDC. Smartphone OS market share[EB/OL].(2015-01-15)[2015-01-31]. http://www.idc.com/prodserv/smartphone-os-market-share.jsp.
[2] Han S, Jung J, Wetherall D. An empirical study of third-party tracking by mobile applications in the wild[R]. San Jose, CA, USA: NSDI, 2012.
[3] Google Inc. Identifying app installations[EB/OL].(2011-03-01)[2015-01-31]. http://android-developers.blogspot.jp/2011/03/identifying-app-installations.html.
[4] Grace M C, Zhou W, Jiang X, et al. Unsafe exposure analysis of mobile in-app advertisements[C]//Proceedings of the Fifth ACM Conference on Security and Privacy in Wireless and Mobile Networks. Tucson, Arizona, USA, 2012: 101-112.
[5] Kohno T, Broido A, Claffy K C. Remote physical device fingerprinting[J]. IEEE Transactions on Dependable and Secure Computing, 2005, 2(2): 93-108.
[6] Dey S, Roy N, Xu W, et al. AccelPrint: imperfections of accelerometers make smartphones trackable[C]//Proceedings of the Network and Distributed System Security Symposium. San Diego, CA, USA, 2014: 1-16.
[7] Zhou Z, Diao W, Liu X, et al. Acoustic fingerprinting revisited: generate stable device ID stealthily with inaudible sound[C]//Proceedings of the 2014 ACM SIGSAC Conference on Computer & Communications Security. New York, USA, 2014: 429-440.
[8] Das A, Borisov N, Caesar M. Do you hear what I hear? Fingerprinting smart devices through embedded acoustic components[C]//Proceedings of the 2014 ACM SIGSAC Conference on Computer & Communications Security. New York, USA, 2014: 441-452.
[9] Franklin J, McCoy D, Tabriz P, et al. Passive data link layer 802.11 wireless device driver fingerprinting[C]//Proceedings of the 15th Conference on USENIX Security Symposium. Vancouver, Canada, 2006: 167-178.
[10] Erman J, Arlitt M, Mahanti A. Traffic classification using clustering algorithms[C]//Proceedings of the 2006 SIGCOMM Workshop on Mining Network Data. Pisa, Italy, 2006: 281-286.
[11] Stöber T, Frank M, Schmitt J, et al. Who do you sync you are smartphone fingerprinting via application behaviour[C]//Proceedings of the Sixth ACM Conference on Security and Privacy in Wireless and Mobile Networks. Budapest, Hungary, 2013: 7-12.
[12] Pang J, Greenstein B, Gummadi R, et al. 802.11 user fingerprinting[C]//Proceedings of the 13th Annual ACM International Conference on Mobile Computing and Networking. Montreal, Canada, 2007:99-110.
[13] Acar G, Juarez M, Nikiforakis N, et al. FPDetective: dusting the web for fingerprinters[C]//Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security. Berlin, Germany, 2013:1129-1140.
[14] Eckersley P. How unique is your web browser?[C]//Proceedings of the 10th International Conference on Privacy Enhancing Technologies. Berlin, Germany, 2010: 1-18.

备注/Memo

备注/Memo:
收稿日期: 2015-03-31.
作者简介: 王研昊(1990—),男,硕士生;杨明(联系人),男,博士,副教授,yangming2002@seu.edu.cn.
基金项目: 国家自然科学基金资助项目(61272054, 61402104, 61572130, 61320106007)、国家高技术研究发展计划(863计划)资助项目(2013AA013503)、国家电网公司科技资助项目(EPRIXXKJ[2014]2244)、东南大学江苏省网络与信息安全重点实验室资助项目(BM2003-201)、东南大学计算机网络和信息集成教育部重点实验室资助项目(93K-9).
引用本文: 王研昊,马媛媛,杨明,等.基于隐性标识符的零权限Android智能终端识别[J].东南大学学报:自然科学版,2015,45(6):1046-1050. [doi:10.3969/j.issn.1001-0505.2015.06.004]
更新日期/Last Update: 2015-11-20