Analysis and Detection Next-Intent vulnerability in Android Applications

Type: Thesis

Level: Master's

Title: Analysis and Detection Next-Intent vulnerability in Android Applications

Presenter: Zahra Kalvandi

Supervisors: Dr. Mehdi Sakhaei-nia

Advisory professors:

Examining professors or referees: Dr. Morteza Yousef Sanati - Dr. Muharram Mansoorizadeh

Time and date of presentation: 15:30, 21/12/2021

Place of presentation: Virtual

Abstract: With the increasing development of mobile platforms, the Android operating system has been recognized as the most widespread and popular operating system. This popularity leads to many attacks on Android. Most of these attacks occur by exploiting various vulnerabilities in applications. These vulnerabilities are caused by insecure use of Android features. One of the sensitive features of Android is the inter-component communication mechanism, which allows developers to use the public components of other applications and so avoid duplicating services across applications. Applications can also define their sensitive components as private to protect them; this means that those components are not allowed to communicate with other applications. This communication model increases code reusability, but on the other hand it exposes applications to serious threats. One of these threats is attackers' access to the private components of an application, which occurs if there is a Next-Intent vulnerability. In this vulnerability, attackers bypass the protection of private components by communicating with public components through an Intent that carries a hidden Intent. Because the private components of any application hold sensitive data and operations, access to them disrupts the application's performance. This vulnerability arises when public components do not examine the source identity of Intents and use their information throughout the application. Therefore, it is important to identify applications that are affected by this vulnerability. So far, security approaches to communication between Android components have received a lot of attention, but few of them have identified this vulnerability. The proposed approaches also have limitations in terms of how long it takes to analyze an application. They cannot be used in app stores.
Therefore, this thesis presents a static analysis tool called NIVFinder that automatically detects Next-Intent vulnerabilities in applications. In the first step, NIVFinder identifies public activity components that are susceptible to Next-Intent vulnerabilities. These components include a procedure that contains APIs for using a Next Intent. In fact, these APIs are the main condition for the existence of this vulnerability. Therefore, by generating execution paths only for procedures that contain these APIs, it is possible to reduce the output overhead for all components and to analyze fewer paths. To generate execution paths, an intra-procedure control flow graph is built. Each path in this graph is then analyzed using data flow analysis to confirm the flow between the NIV APIs. If such a path is found, the application is vulnerable and NIVFinder reports information about the vulnerabilities. For evaluation, NIVFinder analyzed a set of 100 Android applications. The results for these applications show that NIVFinder was able to reduce the analysis time of each application with equal accuracy compared to previous approaches.
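
The path-based check described in the abstract, sketched as an added example (not NIVFinder's code): it enumerates the paths of an intra-procedure control flow graph and follows data flow from an API that reads the nested Intent to one that launches it. The toy IR, the choice of `getParcelableExtra` as source and `startActivity`/`startService`/`sendBroadcast` as sinks, and the sample method are assumptions; the abstract does not name the NIV APIs.

```python
# Added illustration. The IR, the API lists and SAMPLE are constructed
# assumptions, not taken from NIVFinder.
SOURCES = {"getParcelableExtra"}                            # reads the nested Intent
SINKS = {"startActivity", "startService", "sendBroadcast"}  # launches an Intent

def paths(cfg, node="entry", seen=()):
    """Enumerate acyclic entry-to-exit paths of an intra-procedure CFG."""
    if node in seen:                  # cut back edges so loops terminate
        return
    succs = cfg[node]["succ"]
    if not succs:
        yield seen + (node,)
    for nxt in succs:
        yield from paths(cfg, nxt, seen + (node,))

def tainted_sinks(cfg, path):
    """Forward data flow along one path: which sinks receive the nested Intent?"""
    tainted, hits = set(), []
    for block in path:
        for op, a, b in cfg[block]["stmts"]:
            if op == "call" and b in SOURCES:      # a = source(...)
                tainted.add(a)
            elif op == "move":                     # a = b
                if b in tainted:
                    tainted.add(a)
                else:
                    tainted.discard(a)
            elif op == "new":                      # a = new b(...): taint overwritten
                tainted.discard(a)
            elif op == "invoke" and a in SINKS and b in tainted:  # a(b)
                hits.append((block, a, b))
    return hits

def analyze(cfg):
    """Return (path, hits) for every path with a source-to-sink flow."""
    return [(p, h) for p in paths(cfg) if (h := tainted_sinks(cfg, p))]

# Constructed onCreate() of an exported activity: one branch forwards the
# received nested Intent, the other replaces it with a locally built Intent.
SAMPLE = {
    "entry": {"stmts": [("call", "v0", "getParcelableExtra")], "succ": ["then", "else"]},
    "then":  {"stmts": [("move", "v1", "v0")], "succ": ["exit"]},
    "else":  {"stmts": [("new", "v1", "Intent")], "succ": ["exit"]},
    "exit":  {"stmts": [("invoke", "startActivity", "v1")], "succ": []},
}

if __name__ == "__main__":
    for path, hits in analyze(SAMPLE):
        print("vulnerable path:", " -> ".join(path), hits)
```

Only the path through `then` is reported; on the `else` path the variable passed to `startActivity` was rebuilt locally, so no flow from the received Intent reaches the sink.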

File: Download file