Identifying and Analyzing Security Risks in Android Application Components

被引:0
|
作者
Zhang, Ming [1 ]
机构
[1] Mianyang Polytech, Dept Comp Sci, Mianyang, Peoples R China
来源
INTERNATIONAL JOURNAL OF SECURITY AND ITS APPLICATIONS | 2016年 / 10卷 / 09期
关键词
Android security; Android components; Intents; message communication;
D O I
10.14257/ijsia.2016.10.9.17
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Android operating system provides a rich inter-application message passing system. The mechanism encourages inter-application collaboration and reduces developer burden by facilitating component reuse. Unfortunately, message passing is also an application attack surface. The content of messages can be sniffed, modified, stolen, or replaced, which can compromise user privacy. In this paper, we examine Android application interaction and identify security risks in application components. We provide a method that detects application communication vulnerabilities. And the effectiveness of the method is verified by experiments.
引用
收藏
页码:165 / 174
页数:10
相关论文
共 50 条
  • [1] Improving Android Application Security for Intent Based Attacks
    Khadiranaikar, Babu
    Zavarsky, Pavol
    Malik, Yasir
    2017 8TH IEEE ANNUAL INFORMATION TECHNOLOGY, ELECTRONICS AND MOBILE COMMUNICATION CONFERENCE (IEMCON), 2017, : 62 - 67
  • [2] Instrumentation Based Dynamic Android Application Security Protection System
    Li, Ming
    Piao, Zhikang
    Wang, Yong
    PROCEEDINGS OF THE 3RD WORKSHOP ON ADVANCED RESEARCH AND TECHNOLOGY IN INDUSTRY (WARTIA 2017), 2017, 148 : 261 - 272
  • [3] App in the Middle: Demystify Application Virtualization in Android and its Security Threats
    Zhang, Lei
    Yang, Zhemin
    He, Yuyu
    Li, Mingqi
    Yang, Sen
    Yang, Min
    Zhang, Yuan
    Qian, Zhiyun
    PROCEEDINGS OF THE ACM ON MEASUREMENT AND ANALYSIS OF COMPUTING SYSTEMS, 2019, 3 (01)
  • [4] Chidroid: A Mobile Android Application for Log Collection and Security Analysis in Healthcare and IoMT
    Karagiannis, Stylianos
    Ribeiro, Luis Landeiro
    Ntantogian, Christoforos
    Magkos, Emmanouil
    Campos, Luis Miguel
    APPLIED SCIENCES-BASEL, 2023, 13 (05):
  • [5] Investigating Weaknesses in Android Certificate Security
    Krych, Daniel E.
    Lange-Maney, Stephen
    McDaniel, Patrick
    Glodek, William
    MODELING AND SIMULATION FOR DEFENSE SYSTEMS AND APPLICATIONS X, 2015, 9478
  • [6] Android data storage security: A review
    Altuwaijri, Haya
    Ghouzali, Sanaa
    JOURNAL OF KING SAUD UNIVERSITY-COMPUTER AND INFORMATION SCIENCES, 2020, 32 (05) : 543 - 552
  • [7] Security-enhanced Android for an enterprise
    Rehman S.R.
    Waheed M.
    Masood A.
    International Journal of Security and Networks, 2022, 17 (02): : 92 - 106
  • [8] Android Security: Permission Based Attacks
    Jain, Arushi
    Prachi
    PROCEEDINGS OF THE 10TH INDIACOM - 2016 3RD INTERNATIONAL CONFERENCE ON COMPUTING FOR SUSTAINABLE GLOBAL DEVELOPMENT, 2016, : 2754 - 2759
  • [9] Network Security Challenges in Android Applications
    Buhov, Damjan
    Huber, Markus
    Merzdovnik, Georg
    Weippl, Edgar
    Dimitrova, Vesna
    PROCEEDINGS 10TH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY ARES 2015, 2015, : 327 - 332
  • [10] Dynamic Security Policy Enforcement on Android
    Vanco, Matus
    Aron, Lukas
    INTERNATIONAL JOURNAL OF SECURITY AND ITS APPLICATIONS, 2016, 10 (09): : 141 - 148
12345