Full-Text Search:
Home|Journal Papers|About CNKI|User Service|FAQ|Contact Us|中文
《Electronic Technology》 2017-06
Add to Favorite Get Latest Update

Detecting the Privilege Escalation Vulnerabilities in Android Applications

Zhong Xing-qiu;Zeng Fan-ping;Cheng Zhi-chao;Xie Nian-nian;Qin Xiao-xia;Guo Shu-li;School of Computer Science and Technology,University of Science and Technology of China;Anhui Province Key Lab of Software in Computing and Communication;  
Android applications can communicate with each other to share data with the ability of inter-component communication provided by Android. To protect the security of system, Android applications are not allowed to access sensitive APIs unless they have the corresponding permissions. But malicious applications can still call sensitive APIs indirectly through calling components exposed by other applications, leading to privilege escalation, i.e., applications without sensitive permissions can access sensitive APIs. Android system is insecure if privilege escalation is used by malicious applications. In this paper, we propose a method based on inter-application taint flow analysis to detect privilege escalation vulnerabilities between two Android applications.
【CateGory Index】: TP309;TP316
Download(CAJ format) Download(PDF format)
CAJViewer7.0 supports all the CNKI file formats; AdobeReader only supports the PDF format.
©2006 Tsinghua Tongfang Knowledge Network Technology Co., Ltd.(Beijing)(TTKN) All rights reserved