[go: up one dir, main page]
Skip to main content
SpringerLink
Log in

An Android Vulnerability Detection System

  • Conference paper
  • First Online:
Network and System Security (NSS 2017)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10394))

Included in the following conference series:

Abstract

Android system versions update and iterate frequently with severe fragmentation. The distribution of the various Android versions’ market share is scattered, making system-level vulnerabilities’ risk extensive and serious. For the limitations of the present research, we design and implement a new comprehensive system-level vulnerability detection system VScanner. For the first time VScanner is based on Lua script engine as the core. It gives priority to dynamic detection by exploiting, and static detection by feature matching is complementary. Vulnerability trigger is developed by the form of plugins, and it bases on vulnerability taxonomy by POCAS, which shows good scalability. For system-level vulnerabilities, we have implemented 18 plugins, which all are system-level vulnerabilities in high risk. By experimental evaluation, VScanner has high efficiency, low false alarm rate, and good effects on vulnerability detection.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Wikipedia: Android version history, http://en.wikipedia.org/wiki/-Android, version history 13 Apr 2016

  2. Mitre: Common Vulnerabilities and Exposures, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2060, 08 Mar 2017

  3. Minterest: Qualcomm Source Vulnerability Vulnerable to Hacker Attacks lead to Android, http://www.minterest.co/15065, 07 May 2016

  4. NetMarketShare: Market share for Android mobile, https://www.net-marketshare.com/, 17 Apr 2017

  5. Liu, J., Sun, K., Wang, S.: Vulnerability analysis of the Android operating system code based on control flow mining. J. Tsinghua Univ. Sci. Technol. 52(10), 1335–1339 (2012)

    Google Scholar 

  6. Kim, S.H., Han, D., Lee, D.H.: Predictability of android open-SSL’s pseudo random number generator. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, pp. 659–668 (2013)

    Google Scholar 

  7. Sounthiraraj, D., Sahs, J., Greenwood, G., Lin, Z., Khan, L.: SMV-Hunter: large scale, automated detection of SSL/TLS man-in-the-middle vulnerabilities in android apps. In: Proceedings of the 21st Annual Network and Distributed System Security Symposium (NDSS 2014) (2014)

    Google Scholar 

  8. Yang, Z., Yang, M., Zhang, Y., Gu, G., Ning, P., Wang, X.S.: AppIntent: analyzing sensitive data transmission in android for privacy leakage detection. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, pp. 1043–1054 (2013)

    Google Scholar 

  9. Yan, L.K., Yin, H.: DroidScope: seamlessly reconstructing the OS and Dalvik semantic views for dynamic android malware analysis. In: USENIX Security Symposium, pp. 569–584 (2012)

    Google Scholar 

  10. Miller, B.P., Fredriksen, L., So, B.: An empirical study of the reliability of UNIX utilities. Commun. ACM 33(12), 32–44 (1990)

    Article  Google Scholar 

  11. Chin, E., Felt, A.P., Greenwood, K., Wagner, D.: Analyzing inter-application communication in Android. In: Proceedings of the 9th International Conference on Mobile Systems, Applications, and Services, pp. 239–252 (2011)

    Google Scholar 

  12. Chan, P.P., Hui, L.C., Yiu, S.M.: Droidchecker: analyzing android applications for capability leak. In: Proceedings of the Fifth ACM Conference on Security and Privacy in Wireless and Mobile Networks, pp. 125–136 (2012)

    Google Scholar 

  13. Lu, L., Li, Z., Wu, Z., Lee, W., Jiang, G.: Chex: statically vetting android apps for component hijacking vulnerabilities. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 229–240 (2012)

    Google Scholar 

  14. Egele, M., Brumley, D., Fratantonio, Y., Kruegel, C.: An empirical study of cryptographic misuse in android applications. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, pp. 73–84 (2013)

    Google Scholar 

  15. Jiang, Y.Z.X., Xuxian, Z.: Detecting passive content leaks and pollution in android applications. In: Proceedings of the 20th Network and Distributed System Security Symposium (NDSS) (2013)

    Google Scholar 

  16. Gibler, C., Crussell, J., Erickson, J., Chen, H.: AndroidLeaks: automatically detecting potential privacy leaks in android applications on a large scale. In: Katzenbeisser, S., Weippl, E., Camp, L.Jean, Volkamer, M., Reiter, M., Zhang, X. (eds.) Trust 2012. LNCS, vol. 7344, pp. 291–307. Springer, Heidelberg (2012). doi:10.1007/978-3-642-30921-2_17

    Chapter  Google Scholar 

  17. Grace, M.C., Zhou, Y., Wang, Z., Jiang, X.: Systematic detection of capability leaks in stock android smartphones. In: NDSS 2012 (2012)

    Google Scholar 

  18. Guri, M., Poliak, Y., Shapira, B., Elovici, Y.: JoKER: trusted detection of kernel rootkits in android devices via JTAG interface. In: Trustcom-/BigDataSE/ISPA, pp. 65–73 (2015)

    Google Scholar 

  19. Wu, T., Yang, Y.: Crafting intents to detect ICC vulnerabilities of android apps. In Computational Intelligence and Security (CIS 2016), pp. 557–560 (2016)

    Google Scholar 

  20. Demissie, B.F., Ghio, D., Ceccato, M., Avancini, A.: Identifying Android inter app communication vulnerabilities using static and dynamic analysis. In: Proceedings of the International Workshop on Mobile Software Engineering and Systems, pp. 255–266 (2016)

    Google Scholar 

  21. Qian, C., Luo, X., Le, Y., Gu, G.: Vulhunter: toward discovering vulnerabilities in android applications. IEEE Micro 35(1), 44–53 (2015)

    Article  Google Scholar 

  22. Xing, L., Pan, X., Wang, R., Yuan, K., Wang, X.: Upgrading your android, elevating my malware: Privilege escalation through mobile os updating. In: IEEE Symposium on Security and Privacy (S&P), pp. 393–408 (2014)

    Google Scholar 

  23. Yamaguchi, F., Golde, N., Arp, D., Rieck, K.: Modeling and discovering vulnerabilities with code property graphs. In: IEEE Symposium on Security and Privacy (S&P), pp. 590–604 (2014)

    Google Scholar 

  24. Thomas, D.R., Beresford, A.R., Rice, A.: Security metrics for the android ecosystem. In: Proceedings of the 5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 87–98 (2015)

    Google Scholar 

  25. Deng, X., et al.: A general attack model based on Android system vulnerability. Telecommun. Sci. (2016)

    Google Scholar 

  26. Enck, W., Ongtang, M., McDaniel, P.: Understanding android security. IEEE Secur. Priv. 7(1), 50–57 (2009)

    Article  Google Scholar 

  27. Drake, J.J., Lanier, Z., Mulliner, C., Fora, P.O., Ridley, S.A., Wicherski, G.: Android hacker’s handbook. Wiley, New York (2014)

    Google Scholar 

  28. Carnegie mellon university software engineering institute: Android secure coding standard, [Online]. Available: https://www.securecoding.cert.org/confluence-/pages/viewpage.action?pageId=111509535, 2016/04/13

  29. JSSEC: Android application secure design/secure coding guidebook, Report (2014)

    Google Scholar 

  30. Mustafa, T., Sohr, K.: Understanding the implemented access control policy of android system services with slicing and extended static checking. Int. J. Inf. Secur. 14(4), 347–366 (2015)

    Article  Google Scholar 

  31. Li, X., Liu, Q., Zhang, Q.: Kernel privilege escalation vulnerabilities automatically exploiting system based on imitating attack. J. Univ. Chin. Acad. Sci. 32(3), 384–390 (2015)

    Google Scholar 

  32. Microsoft: Microsoft exploitability index, https://technet.micro-soft.com/en-us/security/cc998259, 13 Apr 2016

  33. Lua team: Lua, http://www.lua.org/, 13 Apr 2016

  34. Xuxian, J.: Smishing vulnerability in multiple android platforms, https://www.csc2.ncsu.edu/faculty/xjiang4/smishing.html, 13 June 2017

  35. Cannon, T., Android sms spoofer, https://github.com/thomascannon/android-sms-spoof, 13 June 2017

  36. Schmidt, A.D., Bye, R., Schmidt, H.G., Clausen, J., Kiraz, O., Yuksel, K.A., Albayrak, S.: Static analysis of executables for collaborative malware detection on android. In: IEEE International Conference on Communications (ICC 2009), pp. 1–5 (2009)

    Google Scholar 

Download references

Acknowledgements

This work is supported by The National Natural Science Foundation of China (No. 61602361).

Author information

Authors and Affiliations

  1. School of Cyber Engineering, Xidian University, Xi’an, China

    Jiayuan Zhang, Yao Yao, Jian Xie & Gaofei Wu

  2. School of Computer and Control Engineering, UCAS, Beijing, China

    Xiaoqi Li

Authors
  1. Jiayuan Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yao Yao
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Xiaoqi Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jian Xie
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Gaofei Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jiayuan Zhang .

Editor information

Editors and Affiliations

  1. Xidian University, Xi’an, China

    Zheng Yan

  2. Eurecom, Sophia Antipolos, Valbonne, France

    Refik Molva

  3. Warsaw University of Technology, Warsaw, Poland

    Wojciech Mazurczyk

  4. Aalto University, Espoo, Finland

    Raimo Kantola

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Zhang, J., Yao, Y., Li, X., Xie, J., Wu, G. (2017). An Android Vulnerability Detection System. In: Yan, Z., Molva, R., Mazurczyk, W., Kantola, R. (eds) Network and System Security. NSS 2017. Lecture Notes in Computer Science(), vol 10394. Springer, Cham. https://doi.org/10.1007/978-3-319-64701-2_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-64701-2_13

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-64700-5

  • Online ISBN: 978-3-319-64701-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation