Analysis and Detection Next-Intent vulnerability in Android Applications - دانشکده فنی و مهندسی
Analysis and Detection Next-Intent vulnerability in Android Applications
نوع: Type: thesis
مقطع: Segment: masters
عنوان: Title: Analysis and Detection Next-Intent vulnerability in Android Applications
ارائه دهنده: Provider: Zahra Kalvandi
اساتید راهنما: Supervisors: Dr. Mehdi Sakhaei-nia
اساتید مشاور: Advisory Professors:
اساتید ممتحن یا داور: Examining professors or referees: Dr. Morteza Yousef Sanati - Dr. Muharram Mansoorizadeh
زمان و تاریخ ارائه: Time and date of presentation: Time: 15:30, 21/12/2021
مکان ارائه: Place of presentation: virtual
چکیده: Abstract: With the increasing development of mobile platforms, the Android operating system has been recognized as the most widespread and popular operating system. This popularity causes a lot of attacks on Android. Most of these attacks occur by exploitin various vulnerabilities in Applications. These vulnerabilities are caused by insecure use of Android features. One of the sensitive features of Android is the inter-component communication mechanism that allows developers to use the public components of other applications to avoid duplicate services in different applications. Applications can also be privately defined to protect their sensitive components; This means that they are not allowed to communicate with other Applications. This communication model has increased the advantage of code reusability; But on the other hand, it exposes Applications to serious threats. One of these threats is attackers' access to the private components of the Applivation, which occurs if there is a Next-Intent vulnerability. In this vulnerability, attackers bypass protect private components by communicating with public components through an Intent that has a hidden Intent. Because the private components of any Application have sensitive data and operations, access to them disrupts the Application performance. This vulnerability occurs through not examining the source identity of Intents in public components and using their information throughout the application. Therefore, it is important to identify Applications that are affected by this vulnerability. So far, security approaches to communication between components of Android have received a lot of attention, but few of them have identified this vulnerability. The proposed approaches also have limitations in terms of the duration of analysis Application. They can not be used in app stores. Therefore, this thesis presents a static analysis tool called NIVFinder that automatically detects Next-Intent vulnerabilities in applications. NIVFinder in first step identifies public activity components that are under the impression to Next-Intent vulnerabilities. These components include a procedure that have APIs for using Next Intent. In fact, these APIs are the main condition for the existence of this vulnerability. Therefore, by generating executable paths for procedure that have these APIs, it is possible to reduce the output overhead for all components and to analyze fewer paths. To generate execution paths, an intra-procedure control flow graph is made. Each path in this graph is then analyzed using data flow analysis to confirm the flow between the NIV APIs. If such a path is found, the application is vulnerable and NIVFinder will report information about vulnerabilities. For evaluation, NIVFinder analyzed a set of 100 Android applications. The results of these applications show that NIVFinder has been able to reduce the analysis time of each application with equal accuracy compared to other previous approaches
فایل: ّFile: Download فایل