A construction method for communication APP security portrait based on flawed API

Shanling Li; Changyou Zheng; Sen Yang

doi:10.1117/12.2685958

15 August 2023 A construction method for communication APP security portrait based on flawed API

Shanling Li, Changyou Zheng, Sen Yang

Proceedings Volume 12719, Second International Conference on Electronic Information Technology (EIT 2023); 127192N (2023) https://doi.org/10.1117/12.2685958
Event: Second International Conference on Electronic Information Technology (EIT 2023), 2023, Wuhan, China

Abstract

The main service mode of communication protocol or communication business support software for upper application is API (Application Programming Interface). This paper focuses on whether the defective API is abused. Based on the method of extracting the feature set of defective communication API, and the defective communication APIs called in the APPs are analyzed and the communication security portrait of the APPs is builded. 20 typical open source communication software are selected to extract the feature set of defective APIs, and 1000 candidate APPs that may have security risks are screened to further evaluate the risks to obtain their communication security profiles. The experimental results show that the methods proposed in this paper can effectively detect the functional defects and privacy disclosure defects in communication APPs. This method not only provides a new technology for communication software security testing, but also provides a new idea for communication software security protection.

Citation Download Citation

Shanling Li, Changyou Zheng, and Sen Yang "A construction method for communication APP security portrait based on flawed API", Proc. SPIE 12719, Second International Conference on Electronic Information Technology (EIT 2023), 127192N (15 August 2023); https://doi.org/10.1117/12.2685958

ACCESS THE FULL ARTICLE

INSTITUTIONAL
Select your institution to access the SPIE Digital Library.

SELECT YOUR INSTITUTION

PERSONAL
Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.

PERSONAL SIGN IN

No SPIE Account? Create one

PURCHASE THIS CONTENT

SUBSCRIBE TO DIGITAL LIBRARY

50 downloads per 1-year subscription

Members: $195

Non-members: $335 ADD TO CART

25 downloads per 1 - year subscription

Members: $145

Non-members: $250 ADD TO CART

PURCHASE SINGLE ARTICLE

Includes PDF, HTML & Video, when available

Members: $17.00

Non-members: $21.00 ADD TO CART

PROCEEDINGS
11 PAGES

DOWNLOAD PAPER SAVE TO MY LIBRARY

GET CITATION

RIGHTS & PERMISSIONS

Get copyright permission Get copyright permission on Copyright Marketplace

KEYWORDS

Information security

RELATED CONTENT

Face recognition with support vector machine
Proceedings of SPIE (March 14 2013)

An analysis in Chinese stock market using the capital asset...
Proceedings of SPIE (August 23 2022)

Construction of intelligent network anti risk index evaluation system based...
Proceedings of SPIE (September 11 2023)

Bacteriorhodopsin-based photochromic pigments for optical security applications
Proceedings of SPIE (April 19 2002)

SAR based sea traffic monitoring a reliable approach for...
Proceedings of SPIE (October 26 2011)

Research on the framework structure and application of computer network...
Proceedings of SPIE (September 26 2023)

Subscribe to Digital Library

Receive Erratum Email Alert

Keywords/Phrases

Search In:

Publication Years