Improving Android Application Security for Intent Based Attacks

被引:0
作者
Khadiranaikar, Babu [1 ]
Zavarsky, Pavol [1 ]
Malik, Yasir [1 ]
机构
[1] Concordia Univ, Dept Informat Syst Secur & Assurance Management, Edmonton, AB, Canada
来源
2017 8TH IEEE ANNUAL INFORMATION TECHNOLOGY, ELECTRONICS AND MOBILE COMMUNICATION CONFERENCE (IEMCON) | 2017年
关键词
Andriod Security; Inter Process Communication; Intents; Static Analysis; Dynamic Analysis;
D O I
暂无
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Inter-Process Communication (IPC) is an Android functionality that enables one application to use a component of another application. The IPC uses so called Intents, which is a message passing mechanism in Android, for this purpose. We examine the Android communication model to analyze the vulnerabilities pertaining to Intents during Inter-Process Communication by performing hybrid analysis and use the results obtained from the analysis to improve the overall application security and privacy from such vulnerabilities. Simulation results show how hybrid analysis and use of Intent certificates can improve the overall security of an Android application.
引用
收藏
页码:62 / 67
页数:6
相关论文
共 50 条
  • [21] Security code smells in Android ICC
    Gadient, Pascal
    Ghafari, Mohammad
    Frischknecht, Patrick
    Nierstrasz, Oscar
    EMPIRICAL SOFTWARE ENGINEERING, 2019, 24 (05) : 3046 - 3076
  • [22] A Plugin for Kotlin based Android Apps to Detect Security Breaches through Dataflow
    Talukder, Md Arabia Islam
    Mishu, Sumaiya Farzana
    Shahriar, Hossain
    Riad, A. B. M. Kamml Islam
    Wu, Fan
    Rahman, Akond
    2023 IEEE 47TH ANNUAL COMPUTERS, SOFTWARE, AND APPLICATIONS CONFERENCE, COMPSAC, 2023, : 1840 - 1845
  • [23] Explicit prioritization of parallel Intent broadcasts in real-time Android
    Kalkov, Igor
    Gurghian, Alexandru
    Kowalewski, Stefan
    CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE, 2017, 29 (22)
  • [24] Hybrid Analysis of Android Apps for Security Vetting using Deep Learning
    Chaulagain, Dewan
    Poudel, Prabesh
    Pathak, Prabesh
    Roy, Sankardas
    Caragea, Doina
    Liu, Guojun
    Ou, Xinming
    2020 IEEE CONFERENCE ON COMMUNICATIONS AND NETWORK SECURITY (CNS), 2020,
  • [25] Automatic system for measuring security risk of Android application from third party app store
    Jang, Bogyu
    Lee, Jaeseung
    Lee, Manhee
    SECURITY AND COMMUNICATION NETWORKS, 2016, 9 (16) : 3190 - 3196
  • [26] An Empirical Analysis of Security and Privacy Risks in Android Cryptocurrency Wallet Apps
    Sentana, I. Wayan Budi
    Ikram, Muhammad
    Kaafar, Mohamed Ali
    APPLIED CRYPTOGRAPHY AND NETWORK SECURITY, PT II, ACNS 2023, 2023, 13906 : 699 - 725
  • [27] On Shielding Android's Pending Intent from Malware Apps Using a Novel Ownership-Based Authentication
    Duraisamy, S. Pradeepkumar
    Geetha, S.
    Cheng, Xiaochun
    Kadry, Seifedine
    JOURNAL OF CIRCUITS SYSTEMS AND COMPUTERS, 2022, 31 (13)
  • [28] A Security Analysis Tool For Web Application Reinforcement Against SQL Injection Attacks (SQLIAs)
    Lashkaripour, Z.
    Bafghi, A. Ghaemi
    2013 10TH INTERNATIONAL ISC CONFERENCE ON INFORMATION SECURITY AND CRYPTOLOGY (ISCISC), 2013,
  • [29] Web-Application Attacks: A Survey
    Khali, Manju
    Sangwan, Parikshit
    Vaishali
    PROCEEDINGS OF THE 10TH INDIACOM - 2016 3RD INTERNATIONAL CONFERENCE ON COMPUTING FOR SUSTAINABLE GLOBAL DEVELOPMENT, 2016, : 2187 - 2191
  • [30] REDDROID: Android Application Redundancy Customization Based on Static Analysis
    Jiang, Yufei
    Bao, Qinkun
    Wang, Shuai
    Liu, Xiao
    Wu, Dinghao
    2018 29TH IEEE INTERNATIONAL SYMPOSIUM ON SOFTWARE RELIABILITY ENGINEERING (ISSRE), 2018, : 189 - 199
12345