Analysis Of Component Hijacking Vulnerability Based On Android Platform

Posted on: 2016-06-14
Degree: Master
Type: Thesis
Country: China
Candidate: J D Han
Full Text: PDF
GTID: 2298330467492034
Subject: Computer Science and Technology
Abstract/Summary:
As the smartphone market has developed, more and more consumers choose smartphones over feature phones. Phones based on Android OS now hold the highest share of the smartphone market, so Android is also far ahead in the number of malware samples and bugs.

Because the Android application framework implements code reuse through components, applications are designed with components as their building blocks, and these components combine many functions that access sensitive resources on the Android device. If programmers are not aware of component problems while programming, it is easy to leave components exported and at risk of being hijacked.

This thesis primarily studies component hijacking. It further analyzes the principle and application scenarios of component hijacking, and designs and implements an automatic test system for component hijacking, based on static code auditing, which detects component hijacking vulnerabilities in applications' components.

Main contents and study results:

1. Analyzed the overall architecture of the Android platform, divided the security mechanism according to the levels of the architecture, then studied the main security features to point out the problems in the security mechanism. Further analyzed the component architecture of the Android platform. The component architecture was designed for code reuse, and code reuse is implemented through component communication. The analysis shows that component hijacking exists because components are used in the wrong way. Malicious attackers can use component hijacking to carry out ROP. Three typical characteristics can be identified: exported components, no access restriction, and access to sensitive resources.

2. I designed an automatic test system for component hijacking by combining it with static reverse analysis techniques on the Android platform. The system uses graph theory methods, applying them to the component call graph. In addition, I improved the efficiency of static program slicing by adding conditions to the slicing.

3. To detect component hijacking vulnerabilities in the market, I downloaded a large number of applications from an Android application market as test samples. Testing showed that applications with component hijacking vulnerabilities account for 45% of all samples, and above 90% of these vulnerable applications have more than one vulnerable component.
Keywords/Search Tags:Android, component hijacking, automatic detection, static analysis