Improving Android Application Security for Intent Based Attacks

被引:0
作者
Khadiranaikar, Babu [1 ]
Zavarsky, Pavol [1 ]
Malik, Yasir [1 ]
机构
[1] Concordia Univ, Dept Informat Syst Secur & Assurance Management, Edmonton, AB, Canada
来源
2017 8TH IEEE ANNUAL INFORMATION TECHNOLOGY, ELECTRONICS AND MOBILE COMMUNICATION CONFERENCE (IEMCON) | 2017年
关键词
Andriod Security; Inter Process Communication; Intents; Static Analysis; Dynamic Analysis;
D O I
暂无
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Inter-Process Communication (IPC) is an Android functionality that enables one application to use a component of another application. The IPC uses so called Intents, which is a message passing mechanism in Android, for this purpose. We examine the Android communication model to analyze the vulnerabilities pertaining to Intents during Inter-Process Communication by performing hybrid analysis and use the results obtained from the analysis to improve the overall application security and privacy from such vulnerabilities. Simulation results show how hybrid analysis and use of Intent certificates can improve the overall security of an Android application.
引用
收藏
页码:62 / 67
页数:6
相关论文
共 50 条
[21]   A Novel Hybrid Method to Analyze Security Vulnerabilities in Android Applications [J].
Junwei Tang ;
Ruixuan Li ;
Kaipeng Wang ;
Xiwu Gu ;
Zhiyong Xu .
Tsinghua Science and Technology, 2020, 25 (05) :589-603
[22]   Security code smells in Android ICC [J].
Pascal Gadient ;
Mohammad Ghafari ;
Patrick Frischknecht ;
Oscar Nierstrasz .
Empirical Software Engineering, 2019, 24 :3046-3076
[23]   Security code smells in Android ICC [J].
Gadient, Pascal ;
Ghafari, Mohammad ;
Frischknecht, Patrick ;
Nierstrasz, Oscar .
EMPIRICAL SOFTWARE ENGINEERING, 2019, 24 (05) :3046-3076
[24]   A Plugin for Kotlin based Android Apps to Detect Security Breaches through Dataflow [J].
Talukder, Md Arabia Islam ;
Mishu, Sumaiya Farzana ;
Shahriar, Hossain ;
Riad, A. B. M. Kamml Islam ;
Wu, Fan ;
Rahman, Akond .
2023 IEEE 47TH ANNUAL COMPUTERS, SOFTWARE, AND APPLICATIONS CONFERENCE, COMPSAC, 2023, :1840-1845
[25]   Explicit prioritization of parallel Intent broadcasts in real-time Android [J].
Kalkov, Igor ;
Gurghian, Alexandru ;
Kowalewski, Stefan .
CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE, 2017, 29 (22)
[26]   Automatic system for measuring security risk of Android application from third party app store [J].
Jang, Bogyu ;
Lee, Jaeseung ;
Lee, Manhee .
SECURITY AND COMMUNICATION NETWORKS, 2016, 9 (16) :3190-3196
[27]   Hybrid Analysis of Android Apps for Security Vetting using Deep Learning [J].
Chaulagain, Dewan ;
Poudel, Prabesh ;
Pathak, Prabesh ;
Roy, Sankardas ;
Caragea, Doina ;
Liu, Guojun ;
Ou, Xinming .
2020 IEEE CONFERENCE ON COMMUNICATIONS AND NETWORK SECURITY (CNS), 2020,
[28]   An Empirical Analysis of Security and Privacy Risks in Android Cryptocurrency Wallet Apps [J].
Sentana, I. Wayan Budi ;
Ikram, Muhammad ;
Kaafar, Mohamed Ali .
APPLIED CRYPTOGRAPHY AND NETWORK SECURITY, PT II, ACNS 2023, 2023, 13906 :699-725
[29]   On Shielding Android's Pending Intent from Malware Apps Using a Novel Ownership-Based Authentication [J].
Duraisamy, S. Pradeepkumar ;
Geetha, S. ;
Cheng, Xiaochun ;
Kadry, Seifedine .
JOURNAL OF CIRCUITS SYSTEMS AND COMPUTERS, 2022, 31 (13)
[30]   A Security Analysis Tool For Web Application Reinforcement Against SQL Injection Attacks (SQLIAs) [J].
Lashkaripour, Z. ;
Bafghi, A. Ghaemi .
2013 10TH INTERNATIONAL ISC CONFERENCE ON INFORMATION SECURITY AND CRYPTOLOGY (ISCISC), 2013,
12345