基于Binder的Android支付信息安全的研究
    点此下载全文
引用本文:刘子煜,吴健学.基于Binder的Android支付信息安全的研究[J].计算技术与自动化,2018,(1):117-120
摘要点击次数: 807
全文下载次数: 0
作者单位
刘子煜,吴健学 (武汉邮电科学研究院 湖北 武汉 430074) 
中文摘要:随着移动互联网的发展,Android手机平台内越来越多的APP具有移动支付功能。移动支付涉及到金融交易,支付信息安全显得尤为重要。本文分析了Android的Binder机制,通过将监控代码动态注入目标模块,对进程间的通信数据进行提取,通过比对既有信息,分析是否有恶意软件窃取目标APP的用户隐私信息。在支付环节之前将检测结果对用户给予提示,且对支付过程无较大影响,一定程度上保障了用户支付信息的安全。
中文关键词:Android系统  Binder  动态注入  信息提取
 
Research on Android Payment Information Security
Abstract:With the development of mobile Internet, more and more applications include the function of mobile payment in Android mobile phone platform.Mobile payment involves financial transactions, information security of payment is more and more important.This article first analyzes Binder principle of Android system, and then by injecting the code into the target module, the communication data between the processes can be extracted.Second, by comparing the existing information, analysis of whether there is malicious software to steal the users privacy information of target application.The result of the test is given to the users before the payment, and there is no significant impact on the payment process.This scheme guarantees the information security of payment in a certain extent.
keywords:Android system  Binder  dynamic injection  information extraction
查看全文   查看/发表评论   下载pdf阅读器