| ID | 原文 | 译文 |
| 3133 | 为了解决 Android 应用权限机制的滥用,提出了一种基于虚拟机字节码注入技术的 Android 应用程序权 限访问控制方法。 | To solve the abuse of the Android application permission mechanism, a method of Android application access control based on virtual machine bytecode injection technology was proposed. |
| 3134 | 所提方法能够根据用户的安全需求和使用场景,生成虚拟机字节码形式的安全策略,并将其注 入 Android 应用的涉及危险权限请求和敏感数据访问的代码单元中,从而实现动态应用行为控制。 | The security policy in the form of virtual ma- chine bytecode was generated according to the user's security requirement and usage scenario, and injected into the coding unit of Android application that involves dangerous permission request and sensitive data access, to realize dynamic applica- tion behavior control. |
| 3135 | 对国内 4 家主 流应用商店爬取的应用程序进行测试,结果表明,所提方法可以对合法 App 的敏感 API 调用和危险权限请求进行 有效拦截,并根据预定的安全策略实施控制, | Tests on applications crawled from four mainstream domestic App stores show that the method can ef- fectively intercept sensitive API calls and dangerous permission requests of legitimate App programs and implement control according to pre-specified security policies. |
| 3136 | 注入虚拟机字节码后的大部分 App 运行不受注入代码影响,稳健性 得到保证,且具有较好的普适性。 | Also, after injecting virtual machine bytecode, most of the App program opera- tion is not affected by the injected code, and the robustness is guaranteed. The proposed method has a good universality. |
| 3137 | 为了解决现实环境中网络规模日益扩大导致网络攻击持续高发的现状,将威胁情报应用到态势感知,构 建基于随机博弈的态势感知模型。 | In order to deal with the problems that the increasing scale of the network in the real environment leads to the continuous high incidence of network attacks, the threat intelligence was applied to situational awareness, and the situa- tional awareness model based on random game was constructed. |
| 3138 | 将外源威胁情报与系统内部安全事件之间的相似度进行比较,对目标系统进行 威胁察觉,根据系统内部的威胁信息生成内源威胁情报; | Threat perception of the target system was performed by comparing the similarity between the exogenous threat intelligence and the internal security events of the system. At the same time, internal threat intelligence was generated based on the threat information inside the system. |
| 3139 | 在此过程中,利用博弈论的思想量化系统当前的网络安 全态势,评估网络的安全状况,最终实现对网络安全态势的预测。 | In this process, game theory was used to quantify the current network security situation of the system, evaluate the security status of the network. Finally, the prediction of the network security situation was realized. |
| 3140 | 实验结果表明,基于威胁情报的网络安全态势 感知模型能正确地反映网络安全状态的变化,对攻击行为进行准确的预测。 | The experimental results show that the network security situation awareness method based on threat intelligence can reflect the changes in the network security situation and predict attack behaviors accurately. |
| 3141 | 海量数据价值虽高但与用户隐私关联也十分密切,以高效安全地共享多方数据且避免隐私泄露为目标, 介绍了非聚合式数据共享领域的研究发展。 | Although there is a great value hidden in the massive data, it can also easily expose user privacy. Aiming at ef- ficiently and securely sharing data from multiple parties and avoiding leakage of user private information, the develop- ment of related research and technologies on the non-aggregated data sharing field was introduced. |
| 3142 | 首先,简述安全多方计算及其相关技术,包括同态加密、不经意传输、 秘密共享等; | Firstly, secure mul- ti-party computing and its technologies were briefly described, including homomorphic encryption, oblivious transfer, secret sharing, etc. |