Identifying and Analyzing Security Risks in Android Application Components

被引:0
作者
Zhang, Ming [1 ]
机构
[1] Mianyang Polytech, Dept Comp Sci, Mianyang, Peoples R China
来源
INTERNATIONAL JOURNAL OF SECURITY AND ITS APPLICATIONS | 2016年 / 10卷 / 09期
关键词
Android security; Android components; Intents; message communication;
D O I
10.14257/ijsia.2016.10.9.17
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Android operating system provides a rich inter-application message passing system. The mechanism encourages inter-application collaboration and reduces developer burden by facilitating component reuse. Unfortunately, message passing is also an application attack surface. The content of messages can be sniffed, modified, stolen, or replaced, which can compromise user privacy. In this paper, we examine Android application interaction and identify security risks in application components. We provide a method that detects application communication vulnerabilities. And the effectiveness of the method is verified by experiments.
引用
收藏
页码:165 / 174
页数:10
相关论文
共 50 条
  • [31] Assessing the Security and Privacy of Android Official ID Wallet Apps
    Kouliaridis, Vasileios
    Karopoulos, Georgios
    Kambourakis, Georgios
    [J]. INFORMATION, 2023, 14 (08)
  • [32] Instance based security risk value estimation for Android applications
    Deypir, Mahmood
    Horri, Abbas
    [J]. JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, 2018, 40 : 20 - 30
  • [33] Research on Android Intent Security Detection Based on Machine Learning
    Lv Zhuo
    Guo Zhimin
    Chen Cen
    [J]. 2017 4TH INTERNATIONAL CONFERENCE ON INFORMATION SCIENCE AND CONTROL ENGINEERING (ICISCE), 2017, : 569 - 574
  • [34] A Novel Hybrid Method to Analyze Security Vulnerabilities in Android Applications
    Junwei Tang
    Ruixuan Li
    Kaipeng Wang
    Xiwu Gu
    Zhiyong Xu
    [J]. TsinghuaScienceandTechnology, 2020, 25 (05) : 589 - 603
  • [35] Incorporating Android Code Smells into Java']Java Static Code Metrics for Security Risk Prediction of Android Applications
    Gong, Ai
    Zhong, Yi
    Zou, Weiqin
    Shi, Yangyang
    Fang, Chunrong
    [J]. 2020 IEEE 20TH INTERNATIONAL CONFERENCE ON SOFTWARE QUALITY, RELIABILITY, AND SECURITY (QRS 2020), 2020, : 30 - 40
  • [36] Analyzing and Recognizing Android Malware via Semantic-based Malware Gene
    Han Jin
    Zhao Rongcai
    Shan Zhen
    Liu Fudong
    Zhao Bingling
    Meng Xi
    Wang Hongyan
    [J]. 2017 INTERNATIONAL CONFERENCE ON CYBER-ENABLED DISTRIBUTED COMPUTING AND KNOWLEDGE DISCOVERY (CYBERC), 2017, : 17 - 20
  • [37] SANT: Static Analysis of Native Threads for Security Vetting of Android Applications
    Andarzian, Seyed Behnam
    Ladani, Behrouz Tork
    [J]. ISECURE-ISC INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 2022, 14 (01): : 13 - 25
  • [38] PHIGrader: Evaluating the effectiveness of Manifest file components in Android malware detection using Multi Criteria Decision Making techniques
    Sharma, Yash
    Arora, Anshul
    [J]. JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 2024, 232
  • [39] Android Application Behavioral Analysis through Intent Monitoring
    Afridi, M. Waqar
    Ali, Toqeer
    Alghamdi, Turki
    Ali, Tamleek
    Yasar, Muhammad
    [J]. 2018 6TH INTERNATIONAL SYMPOSIUM ON DIGITAL FORENSIC AND SECURITY (ISDFS), 2018, : 243 - 250
  • [40] QRFence: A flexible and scalable QR link security detection framework for Android devices
    Song, Jun
    Gao, Kun
    Shen, Xinyang
    Qi, Xiaotian
    Liu, Rui
    Choo, Kim-Kwang Raymond
    [J]. FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE, 2018, 88 : 663 - 674
12345