Identifying and Analyzing Security Risks in Android Application Components

被引:0
作者
Zhang, Ming [1 ]
机构
[1] Mianyang Polytech, Dept Comp Sci, Mianyang, Peoples R China
来源
INTERNATIONAL JOURNAL OF SECURITY AND ITS APPLICATIONS | 2016年 / 10卷 / 09期
关键词
Android security; Android components; Intents; message communication;
D O I
10.14257/ijsia.2016.10.9.17
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Android operating system provides a rich inter-application message passing system. The mechanism encourages inter-application collaboration and reduces developer burden by facilitating component reuse. Unfortunately, message passing is also an application attack surface. The content of messages can be sniffed, modified, stolen, or replaced, which can compromise user privacy. In this paper, we examine Android application interaction and identify security risks in application components. We provide a method that detects application communication vulnerabilities. And the effectiveness of the method is verified by experiments.
引用
收藏
页码:165 / 174
页数:10
相关论文
共 50 条
  • [21] PasDroid: Real-time Security Enhancement for Android
    Hsiao, Shuen-Wen
    Hung, Shih-Hao
    Chien, Roger
    Yeh, Chih-Wei
    2014 EIGHTH INTERNATIONAL CONFERENCE ON INNOVATIVE MOBILE AND INTERNET SERVICES IN UBIQUITOUS COMPUTING (IMIS), 2014, : 229 - 235
  • [22] VM based Malware Security Protection on Android Platform
    Avella, Anthony
    Rizvi, Syed
    Gibson, Andrew
    Ryan, Marcus
    Strimple, Ryan
    Menovich, Ian
    2020 INTERNATIONAL CONFERENCE ON SOFTWARE SECURITY AND ASSURANCE (ICSSA 2020), 2020, : 38 - 45
  • [23] Security Enhancement of Secure USB Debugging in Android System
    Xu, Mingzhe
    Sun, Weiqing
    Alam, Mansoor
    2015 12TH ANNUAL IEEE CONSUMER COMMUNICATIONS AND NETWORKING CONFERENCE, 2015, : 134 - 139
  • [24] An effective mobile malware detection framework for android security
    Zhang W.
    Ren H.
    Jiang Q.
    Jiang, Qingshan (qs.jiang@siat.ac.cn), 1600, Inderscience Publishers, 29, route de Pre-Bois, Case Postale 856, CH-1215 Geneva 15, CH-1215, Switzerland (07): : 170 - 177
  • [25] Android Custom Permissions Demystified: A Comprehensive Security Evaluation
    Li, Rui
    Diao, Wenrui
    Li, Zhou
    Yang, Shishuai
    Li, Shuang
    Guo, Shanqing
    IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 2022, 48 (11) : 4465 - 4484
  • [26] Anomadroid: profiling Android applications' behaviors for identifying unknown malapps
    Su, Dan
    Wang, Wei
    Wang, Xing
    Liu, Jiqiang
    2016 IEEE TRUSTCOM/BIGDATASE/ISPA, 2016, : 691 - 698
  • [27] Characterization of Malware Detection on Android Application
    Hein, Chit La Pyae Myo
    Myo, Khin Mar
    GENETIC AND EVOLUTIONARY COMPUTING, VOL I, 2016, 387 : 113 - 124
  • [28] Instance based security risk value estimation for Android applications
    Deypir, Mahmood
    Horri, Abbas
    JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, 2018, 40 : 20 - 30
  • [29] Assessing the Security and Privacy of Android Official ID Wallet Apps
    Kouliaridis, Vasileios
    Karopoulos, Georgios
    Kambourakis, Georgios
    INFORMATION, 2023, 14 (08)
  • [30] Android's External Device Attack: Demonstration and Security Suggestions
    Wei, Zhang
    Chao, Yang
    Chen Yunfang
    INTERNATIONAL JOURNAL OF SECURITY AND ITS APPLICATIONS, 2015, 9 (04): : 317 - 326
12345