参考文献/References:
[1] Grace M C,Zhou Yajin,Wang Zhi,et al. Systematic detection of capability leaks in stock Android smartphones[C]//Proceedings of the 19th Annual Symposium on Network and Distributed System Security. London,UK:Internet Society,2012:19-33.
[2]Felt A P,Wang H J,Moshchuk A,et al. Permission re-delegation:Attacks and defenses[C]//USENIX Conference on Security. Berkeley,CA,USA:USENIX Association,2011:22-37.
[3]Lu Long,Li Zhichun,Wu Zhenyu,et al. CHEX:Statically vetting Android Apps for component hijacking vulnerabilities[C]//Computer and Communications Security. New York,USA:ACM,2012:229-240.
[4]Zhou Yajin,Jiang Xuxian. Detecting passive content leaks and pollution in Android applications[C]//Proceedings of the 20th Network and Distributed System Security Symposium. London,UK:Internet Society,2013:1-16.
[5]Zhongyang Yibing,Xin Zhi,Mao Bing,et al. DroidAlarm:An all-sided static analysis tool for Android privilege-escalation malware[C]//ACM Symposium on Information,Computer and Communications Security. New York,USA:ACM,2013:353-358.
[6]Hay R,Tripp O,Pistoia M. Dynamic detection of inter-application communication vulnerabilities in Android[C]//International Symposium on Software Testing and Analysis. New York,USA:ACM,2015:118-128.
[7]Au K W Y,Zhou Yifan,Huang Zhen,et al. PScout:Analyzing the Android permission specification[C]//Computer and Communications Security. New York,USA:ACM,2012:217-228.
[8]俞研,金凤,吴家顺.基于自定义安全策略的Android应用细粒度访问控制方法[J]. 南京理工大学学报,2016,40(2):142-148.
Yu Yan,Jin Feng,Wu Jiashun.Android application fine-grained access control based on self-defined security policy[J]. Journal of Nanjing University of Science and Technology,2016,40(2):142-148.
[9]陈昊,姜海涛,郭静,等. 基于系统调用的安卓恶意应用检测方法[J]. 南京理工大学学报,2017,41(6):720-724.
Chen Hao,Jiang Haitao,Guo Jing,et al. Android malware detection method based on system calls[J]. Journal of Nanjing University of Science and Technology,2017,41(6):720-724.
[10]APKPure. APKPure应用市场[EB/OL]. https://apkpure.com/cn/app,2018-05-28.
[11]MWR Labs. Drozer:Comprehensive security and attack framework for Android[EB/OL]. https://labs.mwrinfosecurity.com/tools/drozer,2018-05-28.
[12]AndroBugs. AndroBugs framework[EB/OL]. https://github.com/AndroBugs/AndroBugs_Framework,2015-11-12.
[13]腾讯公司. 金刚-腾讯安全应急响应中心[EB/OL]. https://service.security.tencent.com/kingkong,2014-09-18.