Many Android apps employ WebView, a component that enables the display of web content in the apps without redirecting users to web browser apps. However, WebView might also be used for cyberattacks. Moreover, to the best of our knowledge, although some countermeasures based on access control have been reported for attacks exploiting WebView, no mechanism for monitoring web access via WebView has been proposed and no analysis results focusing on web access via WebView are available. In consideration of this limitation, we propose a web access monitoring mechanism for Android WebView to analyze web access via WebView and clarify attacks exploiting WebView. In this paper, we present the design and implementation of this mechanism by modifying Chromium WebView without any modifications to the Android framework or Linux kernel. The evaluation results of the performance achieved on introducing the proposed mechanism are also presented here. Moreover, the result of threat analysis of displaying a fake virus alert while browsing websites on Android is discussed to demonstrate the effectiveness of the proposed mechanism.

许多Android应用程序都使用WebView，该组件可在应用程序中显示Web内容，而无需将用户重定向到Web浏览器应用程序。但是，WebView也可能用于网络攻击。而且，据我们所知，尽管已经报道了一些基于访问控制的针对WebView攻击的对策，但尚未提出通过WebView监视Web访问的机制，也没有针对WebView进行访问的分析结果。考虑到此限制，我们为Android WebView提出了一种Web访问监视机制，以分析通过WebView进行的Web访问并阐明利用WebView进行的攻击。在本文中，我们通过修改Chromium WebView而不对Android框架或Linux内核进行任何修改来介绍此机制的设计和实现。在此还介绍了通过引入所提出的机制而获得的性能评估结果。此外，讨论了在Android上浏览网站时显示假病毒警报的威胁分析结果，以证明所提出机制的有效性。