Improving Android Application Security for Intent Based Attacks

被引:0
|
作者
Khadiranaikar, Babu [1 ]
Zavarsky, Pavol [1 ]
Malik, Yasir [1 ]
机构
[1] Concordia Univ, Dept Informat Syst Secur & Assurance Management, Edmonton, AB, Canada
来源
2017 8TH IEEE ANNUAL INFORMATION TECHNOLOGY, ELECTRONICS AND MOBILE COMMUNICATION CONFERENCE (IEMCON) | 2017年
关键词
Andriod Security; Inter Process Communication; Intents; Static Analysis; Dynamic Analysis;
D O I
暂无
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Inter-Process Communication (IPC) is an Android functionality that enables one application to use a component of another application. The IPC uses so called Intents, which is a message passing mechanism in Android, for this purpose. We examine the Android communication model to analyze the vulnerabilities pertaining to Intents during Inter-Process Communication by performing hybrid analysis and use the results obtained from the analysis to improve the overall application security and privacy from such vulnerabilities. Simulation results show how hybrid analysis and use of Intent certificates can improve the overall security of an Android application.
引用
收藏
页码:62 / 67
页数:6
相关论文
共 50 条
  • [1] Android Security: Permission Based Attacks
    Jain, Arushi
    Prachi
    PROCEEDINGS OF THE 10TH INDIACOM - 2016 3RD INTERNATIONAL CONFERENCE ON COMPUTING FOR SUSTAINABLE GLOBAL DEVELOPMENT, 2016, : 2754 - 2759
  • [2] APSET, an Android aPplication SEcurity Testing tool for detecting intent-based vulnerabilities
    Salva, Sebastien
    Zafimiharisoa, Stassia R.
    INTERNATIONAL JOURNAL ON SOFTWARE TOOLS FOR TECHNOLOGY TRANSFER, 2015, 17 (02) : 201 - 221
  • [3] APSET, an Android aPplication SEcurity Testing tool for detecting intent-based vulnerabilities
    Sébastien Salva
    Stassia R. Zafimiharisoa
    International Journal on Software Tools for Technology Transfer, 2015, 17 : 201 - 221
  • [4] Research on Android Intent Security Detection Based on Machine Learning
    Lv Zhuo
    Guo Zhimin
    Chen Cen
    2017 4TH INTERNATIONAL CONFERENCE ON INFORMATION SCIENCE AND CONTROL ENGINEERING (ICISCE), 2017, : 569 - 574
  • [5] Intent Based Security Challenges in Android-An Analysis & Recommendation
    Sivakumar, Janaki
    Yassir, Ammar
    Saravanan, P.
    INTERNATIONAL JOURNAL OF COMPUTER SCIENCE AND NETWORK SECURITY, 2013, 13 (01): : 46 - 50
  • [6] Intent Security Testing An Approach to Testing the Intent-based Vulnerability of Android Components
    Salva, Sebastien
    Zafimiharisoa, Stassia R.
    Laurenc, Patrice
    PROCEEDINGS OF THE 10TH INTERNATIONAL CONFERENCE ON SECURITY AND CRYPTOGRAPHY (SECRYPT 2013), 2013, : 355 - 362
  • [7] Intent Based Security Challenges in Android-An Analysis & Recommendation
    Sivakumar, Janaki
    Yassir, Ammar
    Saravanan, P.
    INTERNATIONAL JOURNAL OF COMPUTER SCIENCE AND NETWORK SECURITY, 2014, 14 (03): : 72 - 76
  • [8] A Survey on Security Issues, Vulnerabilities and Attacks in Android based Smartphone
    Hur, Jalal B.
    Shamsi, Jawwad A.
    2017 INTERNATIONAL CONFERENCE ON INFORMATION AND COMMUNICATION TECHNOLOGIES (ICICT), 2017, : 40 - 46
  • [9] Detectors for Intent ICC Security Vulnerability with Android IDE
    Meng, Xianyong
    Qian, Kai
    Lo, Dan
    Bhattachrya, Prabir
    2018 TENTH INTERNATIONAL CONFERENCE ON UBIQUITOUS AND FUTURE NETWORKS (ICUFN 2018), 2018, : 355 - 357
  • [10] M-Pattern: A novel scheme for improving the security of Android Pattern unlock against smudge attacks
    Zheng, Jun
    Chigurupati, Sai Krishna
    ICT EXPRESS, 2019, 5 (03): : 192 - 195
12345