Privilege Escalation Detecting In Android Applications

Posted on: 2018-01-02
Degree: Master
Type: Thesis
Country: China
Candidate: X Q Zhong
GTID: 2348330512486744
Subject: Computer application technology

Abstract/Summary:
As the most popular mobile operating system, Android has a large number of applications developed for it. Android applications cover all aspects of people's lives and make life more convenient. Unfortunately, Android's popularity has also made it a target for malware. At present, the amount of malware on Android far exceeds that on other platforms. Malware causes many security problems for users, such as stealing private user data and sending paid messages. For security reasons, developers must declare the relevant permissions when they need to use sensitive APIs. However, with the inter-component communication (ICC) provided by Android, malicious applications can call sensitive APIs indirectly through components exposed by other applications, which leads to privilege escalation and creates security risks.

In this thesis, we mainly study the permission mechanism and communication mechanism of the Android system and analyze the causes of privilege escalation. For privilege escalation between applications, we propose a detection method. First, we analyze the two applications' permission sets to judge whether privilege escalation is possible. Then we find the call relationship between the two applications and analyze the inter-application control flow. Finally, we judge whether there is privilege escalation between the two applications. Our experimental results show that our method can accurately detect privilege escalation between two applications.

The method proposed in this thesis differs from most detection methods in that it targets privilege escalation between applications, whereas most detection methods work on a single application. The result of analyzing a single application only shows that the application's permissions may be used by malware; once the application is installed on a smartphone, we cannot be sure whether other applications will actually use it for privilege escalation. Our work addresses this defect by detecting privilege escalation between applications. When an application with a privilege escalation vulnerability is running on a smartphone, we can determine whether other applications on that smartphone can use it to achieve privilege escalation.

Another piece of work in this thesis is an extension of the tool IccTA. IccTA cannot recognize inter-application communication when the event callback function onClick() is called on a button click. We extend IccTA mainly to identify component communication, so that it can be used to construct the control flow graph between applications.
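
The first screening step described above (comparing the two permission sets), as an added example that is not code from the thesis: it flags an application pair only when the callee holds permissions the caller lacks and exposes an exported component with no permission guard. The manifests, package names, function names and the exported-component rule are assumptions for illustration; a flagged pair still needs the call-relationship and control-flow analysis the abstract describes.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
# Content providers are left out: they carry separate read/write permissions.
COMPONENT_TAGS = ("activity", "service", "receiver")

def parse_manifest(xml_text):
    """Return (requested permissions, exported components with no permission guard)."""
    root = ET.fromstring(xml_text)
    perms = {e.get(ANDROID + "name") for e in root.iter("uses-permission")}
    exposed = set()
    app = root.find("application")
    for comp in (app if app is not None else []):
        if comp.tag not in COMPONENT_TAGS:
            continue
        exported = comp.get(ANDROID + "exported")
        # Assumption: without the attribute, an intent filter implies exported.
        is_exported = (exported == "true" if exported is not None
                       else comp.find("intent-filter") is not None)
        guard = comp.get(ANDROID + "permission") or app.get(ANDROID + "permission")
        if is_exported and guard is None:
            exposed.add(comp.get(ANDROID + "name"))
    return perms, exposed

def escalation_candidates(caller_xml, callee_xml):
    """Permissions the callee holds that the caller lacks, plus reachable entry points."""
    caller_perms, _ = parse_manifest(caller_xml)
    callee_perms, exposed = parse_manifest(callee_xml)
    extra = callee_perms - caller_perms
    if not extra or not exposed:
        return set(), set()   # no possibility of escalation through this pair
    return extra, exposed

# Constructed sample manifests (hypothetical packages, not from the thesis).
NS = 'xmlns:android="http://schemas.android.com/apk/res/android"'
CALLER = f"""<manifest {NS} package="com.example.caller">
  <uses-permission android:name="android.permission.INTERNET"/>
  <application/>
</manifest>"""
CALLEE = f"""<manifest {NS} package="com.example.callee">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <application>
    <service android:name=".SmsService" android:exported="true"/>
    <activity android:name=".Main" android:permission="com.example.GUARD">
      <intent-filter><action android:name="android.intent.action.MAIN"/></intent-filter>
    </activity>
    <receiver android:name=".Internal" android:exported="false"/>
  </application>
</manifest>"""
```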
Keywords/Search Tags: Android, Privilege Escalation, Control Flow Graph