Improving Android Application Security for Intent Based Attacks

被引:0
作者
Khadiranaikar, Babu [1 ]
Zavarsky, Pavol [1 ]
Malik, Yasir [1 ]
机构
[1] Concordia Univ, Dept Informat Syst Secur & Assurance Management, Edmonton, AB, Canada
来源
2017 8TH IEEE ANNUAL INFORMATION TECHNOLOGY, ELECTRONICS AND MOBILE COMMUNICATION CONFERENCE (IEMCON) | 2017年
关键词
Andriod Security; Inter Process Communication; Intents; Static Analysis; Dynamic Analysis;
D O I
暂无
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Inter-Process Communication (IPC) is an Android functionality that enables one application to use a component of another application. The IPC uses so called Intents, which is a message passing mechanism in Android, for this purpose. We examine the Android communication model to analyze the vulnerabilities pertaining to Intents during Inter-Process Communication by performing hybrid analysis and use the results obtained from the analysis to improve the overall application security and privacy from such vulnerabilities. Simulation results show how hybrid analysis and use of Intent certificates can improve the overall security of an Android application.
引用
收藏
页码:62 / 67
页数:6
相关论文
共 50 条
[41]   Dynamic Security Analysis on Android: A Systematic Literature Review [J].
Sutter, Thomas ;
Kehrer, Timo ;
Rennhard, Marc ;
Tellenbach, Bernhard ;
Klein, Jacques .
IEEE ACCESS, 2024, 12 :57261-57287
[42]   HyDroid: android malware detection using network flow combined with permissions and intent filter [J].
Boukhamla, Akram Zine Eddine ;
Verma, Abhishek .
INTERNATIONAL JOURNAL OF MOBILE COMMUNICATIONS, 2023, 22 (01) :70-91
[43]   IIFA: Modular Inter-app Intent Information Flow Analysis of Android Applications [J].
Tiwari, Abhishek ;
Gross, Sascha ;
Hammer, Christian .
SECURITY AND PRIVACY IN COMMUNICATION NETWORKS, SECURECOMM, PT II, 2019, 305 :335-349
[44]   Android Malware Detection Based on Machine Learning [J].
Wang, Qing-Fei ;
Fang, Xiang .
2018 4TH ANNUAL INTERNATIONAL CONFERENCE ON NETWORK AND INFORMATION SYSTEMS FOR COMPUTERS (ICNISC 2018), 2018, :434-436
[45]   An Android application risk evaluation framework based on minimum permission set identification [J].
Xiao, Jianmao ;
Chen, Shizhan ;
He, Qiang ;
Feng, Zhiyong ;
Xue, Xiao .
JOURNAL OF SYSTEMS AND SOFTWARE, 2020, 163
[46]   A Design of the Event Trigger for Android Application [J].
Hu, Ting ;
Ning, Zhuo ;
Sun, Zhixin .
QUALITY, RELIABILITY, SECURITY AND ROBUSTNESS IN HETEROGENEOUS NETWORKS, 2017, 199 :426-434
[47]   Choosing the Weapon: A Comparative Study of Security Analyzers for Android Applications [J].
Joseph, Ryan B. ;
Zibran, Minhaz F. ;
Eishita, Farjana Z. .
2021 IEEE/ACIS 19TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING RESEARCH, MANAGEMENT AND APPLICATIONS (SERA), 2021, :51-57
[48]   Meizodon: Security Benchmarking Framework for Static Android Malware Detectors [J].
Rodriguez, Sebastiaan Alvarez ;
van der Kouwe, Erik .
THIRD CENTRAL EUROPEAN CYBERSECURITY CONFERENCE (CECC 2019), 2019,
[49]   Automatically Securing Permission-Based Software by Reducing the Attack Surface: An Application to Android [J].
Bartel, Alexandre ;
Klein, Jacques ;
Le Traon, Yves ;
Monperrus, Martin .
2012 PROCEEDINGS OF THE 27TH IEEE/ACM INTERNATIONAL CONFERENCE ON AUTOMATED SOFTWARE ENGINEERING (ASE), 2012, :274-277
[50]   Improving Vulnerability Detection Measurement [Test Suites and Software Security Assurance] [J].
Hoole, Alexander M. ;
Traore, Issa ;
Delaitre, Aurelien ;
de Oliveira, Charles .
PROCEEDINGS OF THE 20TH INTERNATIONAL CONFERENCE ON EVALUATION AND ASSESSMENT IN SOFTWARE ENGINEERING 2016 (EASE '16), 2016,
12345