
Study On Android Application Vulnerability Mining System

Posted on: 2018-05-03
Degree: Master
Type: Thesis
Country: China
Candidate: C Li
GTID: 2428330542489881
Subject: Computer application technology
Abstract/Summary:

In recent years, the Android operating system has consistently held the first position among smartphone operating systems. More and more people use Android phones, and Android applications and app stores are booming. Hackers have also turned their focus to Android phones, and various attacks have been reported, from Bootkit to malicious applications. Permission leakage is a common type of vulnerability in Android applications and can lead to serious security problems. How to find this kind of vulnerability effectively has therefore become a valuable research topic.

In this thesis, an effective detection approach for Android application privilege leakages is proposed. We devised two key methodologies in our approach: a light-weight static analysis method for Extra information and a dynamic task scheduling algorithm. On an OpenStack cloud platform, we implemented a parallel fuzzing system named paraIntentFuzz and made an extensive empirical study on more than 10064 real apps. The main contributions of this thesis are as follows.

(1) By analyzing the transmission of Extra information among components in apps, we propose a light-weight method that accumulates the Extra information after simply reverse engineering the binary packages. Our method provides not only the Extra parameter names but also their types, which helps to generate intent calls that trigger more valid execution paths. In addition, our method has two other advantages: it has lower overhead and is more robust than existing works.

(2) By analyzing the fuzzing process for an Android app, we found that two factors strongly affect the duration of the test life cycle: the size of the target app and its number of exposed components. To build an effective, load-balanced parallel fuzzing framework, we propose a prediction mechanism and a dynamic task allocation algorithm to schedule test tasks.

(3) We implemented paraIntentFuzz on an OpenStack cloud system. Experiments show that our method achieves almost linear speed-up with the number of clients. Among the 10064 real apps tested, we also found 7367 apps with potential privilege leakages.
Keywords/Search Tags:Android application, permission leakage, Extra information, parallel, fuzzing
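
The Extra name-and-type recovery described in contribution (1) can be illustrated with a small scan over disassembled smali code. This is an added example, not code from the thesis or from paraIntentFuzz; the regular expressions, the `extract_extras` function and the sample smali fragment are assumptions made for illustration.

```python
import re

# const-string vX, "literal"  (tracks which register holds which string)
CONST_STR = re.compile(r'^\s*const-string(?:/jumbo)?\s+([vp]\d+),\s*"((?:[^"\\]|\\.)*)"')
# invoke-virtual {intent, key, ...}, Intent->get<Type>Extra(String, ...)
GET_EXTRA = re.compile(r'^\s*invoke-virtual\s*\{([^}]*)\},\s*'
                       r'Landroid/content/Intent;->get(\w+?)Extra\(Ljava/lang/String;')
# Other instructions that overwrite their first register operand
CLOBBER = re.compile(r'^\s*(?:const|move|new-|iget|sget|aget)\S*\s+([vp]\d+)')

def extract_extras(smali_text):
    """Return (key, type) pairs; key is None when it is not a string literal."""
    found, regs = set(), {}
    for line in smali_text.splitlines():
        if line.lstrip().startswith(".method"):
            regs = {}                      # registers are per-method
        elif (m := CONST_STR.match(line)):
            regs[m.group(1)] = m.group(2)
        elif (m := GET_EXTRA.match(line)):
            args = [a.strip() for a in m.group(1).split(",")]
            key = regs.get(args[1]) if len(args) > 1 else None
            found.add((key, m.group(2)))
        elif (m := CLOBBER.match(line)):
            regs.pop(m.group(1), None)     # tracked string no longer valid
    return sorted(found, key=lambda kt: (kt[0] is None, kt[0] or "", kt[1]))

# Constructed smali fragment (not taken from any real app)
SAMPLE_SMALI = '''
.method public onCreate(Landroid/os/Bundle;)V
    invoke-virtual {p0}, Lcom/example/Demo;->getIntent()Landroid/content/Intent;
    move-result-object v0
    const-string v1, "phone"
    invoke-virtual {v0, v1}, Landroid/content/Intent;->getStringExtra(Ljava/lang/String;)Ljava/lang/String;
    const-string v1, "count"
    const/4 v2, 0x0
    invoke-virtual {v0, v1, v2}, Landroid/content/Intent;->getIntExtra(Ljava/lang/String;I)I
    const-string v3, "silent"
    invoke-virtual {v0, v3, v2}, Landroid/content/Intent;->getBooleanExtra(Ljava/lang/String;Z)Z
    iget-object v1, p0, Lcom/example/Demo;->keyName:Ljava/lang/String;
    invoke-virtual {v0, v1}, Landroid/content/Intent;->getStringExtra(Ljava/lang/String;)Ljava/lang/String;
.end method
'''

if __name__ == "__main__":
    for key, typ in extract_extras(SAMPLE_SMALI):
        print(f"{typ:8} {key!r}")
```

The last call in the sample reads its key from a field, so the scan reports the type with an unknown name instead of reusing the stale "count" literal; the `/range` invoke form is not handled.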