Android App Vulnerability Detection Using Dynamic Method

Android system ensure the application is running in a relatively independent environment by inheriting Linux security mechanism and implementing mechanism of separate Dalvik virtual machine in order to protect the safety of the applications and systems.But this is not entirely avoid risk,if the application for insufficient component protection,can result in component exposure.If an Android application could not protect its private components well in the process of inter-application communication,there would exist exposed component vulnerabilities.If does not control the relevant permissions,there may exist permissions leak holes;If the Content Provider related implementation is not correct,there may exist the data leaks loopholes and the directory traversal vulnerabilities.The existence of these vulnerabilities will cause great threat to the Android system and users.The detection of these vulnerabilities can help developer to improve the application with great significance.In the thesis,specific work is as follows:1.For Android app inter-component vulnerability,the thesis proposes a new detection method based on the Fuzzing and customize Android OS.The core of the method is to obtain real Extras of the application.Then we can structure data according to real Extras in order to obtaining better result with a small amount of data.2.For the permission leaks of Android app,existing methods exists some difficulty about decompilation and the definition of permission reveal.Aiming at the shortcomings of the existing methods,this thesis puts forward a new based on Fuzzing and custom Android system permissions for the leak detection method.First by customizing the Android system output the permission to system log.And then use Fuzzing technology to get all leaked permissions.3.In view of the Content Provider related vulnerability,existing methods mainly uses some static stain or data flow analysis technology.According to the characteristics of the problem,this thesis proposed some solutions based on SQL injection,path traversal,random data and so on.4.According the vulnerabilities detection methods,this thesis implements an automatic detection system.Through a large number of experiments,this system can effectively detect components exposed,inter-component vulnerabilities,permission leaks and content provider related vulnerabilities.And provide the possibility for solving some deeper problems,such as reappear the inter-component communication vulnerabilities,reproduce and reveal loophole of permission leaks.