1. Field
The present disclosure relates to a method and apparatus for analyzing an application executed in a smart device, and more particularly, to a method and apparatus for detecting whether an information resource obtained by an application is leaked outside a device by the application via static analysis.
2. Description of the Related Art
The use of smart devices, such as smart phones, tablets, smart televisions (TVs), and e-book readers (for example, the Kindle Fire), has become widespread. As a result, the types and number of applications usable on smart devices have increased remarkably. Such applications use resources stored in the smart devices to provide convenient and useful services to users.
An application executed in a smart device is capable of externally transmitting a sensitive information resource, such as an address list or photos, based on authority requested by additional information included in the application and on the program source of the application. However, security concerns may arise if an information resource stored in the smart device is leaked against the will of the user, or secretly and without the user's permission, other than in a case where the user externally transmits the information resource.
FIG. 1 is a diagram for describing a method of detecting a leak of sensitive data by performing dynamic analysis on an application downloaded from a smart device platform. Referring to FIG. 1, the method is performed by installing software trackers at the portion that transmits and receives messages between application code, at a system library, and at a storage medium. Each tracker reports whether an information resource used by an application is sensitive data, and generates an alarm if data externally transmitted through a network includes the sensitive data.
Since the method of detecting a leak of information resources by using dynamic analysis is performed while an application is executing, the method degrades the performance of the smart device or the application. Unlike detecting a virus, which changes a function of an application by infecting a platform, the method needs to check a function realized in the application itself, and thus it is difficult to apply antivirus technology to the method.
Furthermore, since the scenarios in which resources of the smart device are used differ from application to application, it is difficult to analyze a large number and variety of applications because of the limits of batch testing. The analysis range of the method differs according to the test cases, it is practically difficult to analyze all cases, and the analytical reliability depends on the test cases.
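The following is an added illustration, not code from the disclosure: a toy Python model of the tracker arrangement described for FIG. 1, showing why the result of dynamic analysis depends on the test case that is run. All class, function, and host names (`Tainted`, `Storage`, `Network`, `app`, `stats.example`, `collector.example`) are hypothetical and the sample data is constructed.

```python
class Tainted(str):
    """A string that carries sensitivity labels assigned at the source."""
    def __new__(cls, value, labels=()):
        obj = super().__new__(cls, value)
        obj.labels = frozenset(labels)
        return obj

def labels_of(value):
    # Plain strings carry no labels.
    return getattr(value, "labels", frozenset())

def concat(*parts):
    # Library tracker: the result carries the union of the input labels.
    merged = frozenset().union(*(labels_of(p) for p in parts))
    return Tainted("".join(parts), merged)

class Storage:
    # Storage tracker: labels are persisted together with the data.
    def __init__(self):
        self._files = {}
    def write(self, name, data):
        self._files[name] = (str(data), labels_of(data))
    def read(self, name):
        value, labels = self._files[name]
        return Tainted(value, labels)

class Network:
    # Network sink: raise an alarm when outgoing data is labelled sensitive.
    def __init__(self):
        self.alarms = []
    def send(self, host, payload):
        if labels_of(payload):
            self.alarms.append((host, sorted(labels_of(payload))))

def app(debug_mode, storage, net):
    # Hypothetical application under test (constructed sample data).
    contacts = Tainted("alice:555-0100", {"CONTACTS"})
    storage.write("cache", concat("v1|", contacts))
    net.send("stats.example", "ping")  # unlabelled data, no alarm
    if debug_mode:  # path exercised only by some test scenarios
        net.send("collector.example", concat("dump=", storage.read("cache")))

def run_test_case(debug_mode):
    storage, net = Storage(), Network()
    app(debug_mode, storage, net)
    return net.alarms
```

A test case that never enters the `debug_mode` branch reports no alarm even though the leaking code is present in the application, which is the dependence on test cases described above.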