Research On Fixing Method Of Android Permission Vulnerability

Posted on: 2020-05-06
Degree: Master
Type: Thesis
Country: China
Candidate: J Z Li
GTID: 2428330602952348
Subject: Computer Science and Technology
Abstract/Summary:
Android 6.0 “Marshmallow” was released in October 2015. This version of the operating system brings a number of new features, the most striking of which is the introduction of a dynamic permission mechanism. The runtime permission model of Android 6.0 requires an application to check and request permissions dynamically at runtime. The newly introduced runtime permissions make the new version of the operating system more secure, but they also introduce many new system call interfaces and a more complex calling specification. A runtime error occurs if an application adapted to this version of the operating system does not follow the calling specification of runtime permissions. If an application that is compatible with Android 6.0 does not check and request permissions at runtime when accessing restricted resources, we say that the application has a permission vulnerability.

To detect whether an application targeting Android 6.0 has a permission vulnerability, we developed a detection tool called PermGuard, based on the Java language and the Soot framework. We ran it on 500 applications downloaded from Google Play and found that 25.5% of the applications that were successfully analyzed have such permission vulnerabilities. This indirectly reflects that the new system changed a large number of permission-related system call interfaces, with the result that applications have not adapted well to it. PermGuard uses static analysis to detect the operations in the input application that need permission protection. These operations include explicit system calls, access to private data through URIs, and communication with other components through special Intent actions. Then, with the help of the call graph generated by FlowDroid and IccTA, we look for the corresponding check and request statements. If they are not found, the application has a permission vulnerability.

If a permission vulnerability exists in the input application, PermGuard attempts to fix the code automatically so that the repaired application satisfies the calling specification of the new version of the operating system while guaranteeing that its semantics have not changed. PermGuard takes the Activity component as the basic instrumentation unit, because we want to preserve the code semantics after repair as far as possible. PermGuard first finds the missing permissions in an Activity component through static analysis, and then instruments code that checks and requests those permissions into the lifecycle method of the Activity. In this way, once the user grants authorization, the entire component is authorized to run. In the callback function that handles the result of the permission request, PermGuard restarts the entire component after the user has granted authorization, so that the component is authorized when it runs for the second time. In addition to the 500 applications downloaded randomly from Google Play, we added a benchmark dataset. By repeatedly running PermGuard on these two datasets, we found that PermGuard can perfectly fix such vulnerabilities.
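
The shape of the repair described above, written by hand as an added example (it is not PermGuard output or code from the thesis). The Activity name, the request code, the choice of READ_CONTACTS and the finish-on-denial branch are assumptions; the abstract only describes the granted case.

```java
import android.Manifest;
import android.app.Activity;
import android.content.pm.PackageManager;
import android.database.Cursor;
import android.os.Bundle;
import android.provider.ContactsContract;

public class ContactsActivity extends Activity {
    private static final int REQ_PERMS = 1; // hypothetical request code
    // Permissions that static analysis found this component to need (assumed).
    private static final String[] NEEDED = { Manifest.permission.READ_CONTACTS };

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        // Inserted guard: check before any protected operation in the component.
        if (!hasAllPermissions()) {
            requestPermissions(NEEDED, REQ_PERMS); // API 23+, asynchronous
            return; // original body runs only after the component restarts
        }
        loadContacts(); // original, unmodified component logic
    }

    private boolean hasAllPermissions() {
        for (String p : NEEDED) {
            if (checkSelfPermission(p) != PackageManager.PERMISSION_GRANTED) {
                return false;
            }
        }
        return true;
    }

    @Override
    public void onRequestPermissionsResult(int requestCode, String[] permissions,
                                           int[] grantResults) {
        if (requestCode != REQ_PERMS) return;
        // An empty result array means the request was cancelled.
        boolean granted = grantResults.length > 0;
        for (int r : grantResults) {
            granted &= (r == PackageManager.PERMISSION_GRANTED);
        }
        if (granted) {
            recreate(); // restart the whole component; the second run is authorized
        } else {
            finish();   // assumption: close instead of re-prompting in a loop
        }
    }

    // Without the guard in onCreate, this query throws SecurityException on Android 6.0+.
    private void loadContacts() {
        Cursor c = getContentResolver().query(
                ContactsContract.Contacts.CONTENT_URI, null, null, null, null);
        if (c != null) c.close();
    }
}
```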
Keywords/Search Tags:Android, FlowDroid, Soot, Runtime Permission, Automated Code Repair, Static Analysis