A Static Detection of Inter-Component Communication Vulnerability in Android Application

DOI

10.2991/cnci-19.2019.74How to use a DOI?

Keywords

Android application, static analysis, inter-component communication, vulnerability detect

Abstract

Security issues were found between inter-component communication in Android application: the usage of explicit or implicit intent might give rise to data attack, component hijacking and privilege escalation, etc. in order to detect these problems, a detect method of inter-component communication vulnerability on Android application was presented. Firstly, an APK was analyzed reversely, and ICC methods in its component were detected. Afterwards, its component call pair, component call link and component call graph were constructed. Next, the detect framework began to analyze data flow of the suspicious components. Experimental results show that the proposed method is able to detect common inter-component communication vulnerability comprehensively and effectively not only between different components but also different applications.

Copyright

© 2019, the Authors. Published by Atlantis Press.

Open Access

This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).

Download article (PDF)

TY  - CONF
AU  - Yutong Chen
PY  - 2019/05
DA  - 2019/05
TI  - A Static Detection of Inter-Component Communication Vulnerability in Android Application
BT  - Proceedings of the 2019 International Conference on Computer, Network, Communication and Information Systems (CNCI 2019)
PB  - Atlantis Press
SP  - 532
EP  - 537
SN  - 2352-538X
UR  - https://doi.org/10.2991/cnci-19.2019.74
DO  - 10.2991/cnci-19.2019.74
ID  - Chen2019/05
ER  -