Research On Security Detection And Protection Technology Based On IOS Platform Application

With the continuous development of mobile technology,mobile intelligence equipment are playing an important role in people’s work and life.In recent years,the mobile payment market has become more and more popular,people use a variety of financial App to manage their personal property,such as Alipay,WeChat payment,Baidu wallet and so on.As people put a lot of personal information stored in mobile devices,the attendant security issues become more and more important.As one of the most popular mobile operating system,at the end of 2016,the applications in App Store have been downloaded 140 billion times.Although Apple has a strict censorship to ensure the safety of the application,there are still many malicious applications have been shelves in the App Store,they caused a serious threat to the user’s privacy information and property security.Because of the closed-source characteristics of iOS,the research on its security areas is very difficult,but it is still necessary.This thesis mainly analyzes the current iOS system and its application’s security.The main contributions are as follows:1)Designed a security assessment framework based on iOS platform,including the system security assessment,application security assessment and user data security assessment,a total of nine sub-modules.This framework provides a comprehensive security assessment on iOS devices and is extensible.2)One of the sub-modules is implemented in the framework of the safety assessment.Put forward an iOS application security assessment system.Using feature-based and heuristic-based static detection methods.Based on the two detection methods,the corresponding detection module is implemented.By analyzing the application code in the reverse direction,the application code is used to judge and classify the application of the user’s privacy and security.This part focus on the application of detection.3)Put forward a protective mechanism to deal with the emergence of “Masque Attacks”.The basic mechanism of “Masque Attack” is analyzed and reproduction on an iOS device.By using the asymmetric encryption mechanism,the corresponding protection mechanism is put forward.the replay attack is also considered.Finally,the validity of the proposed protection mechanism is demonstrated.This part focus on the application of the protective mechanism of the study.