Overall static analysis system for Android authority-escalated attack

A privilege escalation and static analysis technology, applied in the field of systems for capability disclosure vulnerabilities. It can solve problems such as poor decompilation results and obfuscation technology, and achieves a low false negative rate and a low false positive rate.

Inactive Publication Date: 2015-08-12
NANJING UNIV

AI Technical Summary

Problems solved by technology

In a real scenario, taking the malware NickyBot as an example, it puts audio files on the SD card (secure digital card), so that they may be obtained by its p


Examples


Embodiment

[0076] Some representative malware samples were selected, and some malware variants were constructed, to test the present invention. The main purpose of the experiment is to evaluate the effectiveness of the present invention in detecting the capability leakage problem in privilege escalation attacks. Experiment platform:

[0077] Ubuntu 10.04 with 512MB of RAM. The tested malware comes from the Android Malware Genome project.

[0078] The present invention constructs variants of the following malware to evaluate the effectiveness of detecting the capability leakage problem in privilege escalation attacks:

[0079] DroidDream, FakePlayer, GamSMS, GPSSMSSpy, etc. In the experiment, although the existing malware shows signs of capability leakage, the attack technology of privilege escalation has not been widely accepted. According to the existing results, the present invention finds that only three types of malicious software contai...


Abstract

The present invention discloses an overall static analysis system for an Android authority-escalated attack, comprising the following units: a suspicion analysis unit configured to separate programs with suspicious characteristics from all programs, and a leakage path analysis unit configured to extract an explicit capability leakage path in the suspicious program. The suspicion analysis unit comprises: an authority detection module configured to extract the sensitive authorities (permissions) of an Android application program; a component detection module configured to identify the open components of an Android application program; an Intent operation detection module configured to identify Android application program Intent communication, wherein the Intent is an abstract description of an operation to be performed; a file detection module configured to identify Android application program file access; and a socket detection module configured to identify network communication between Android application programs. The leakage path analysis unit comprises a module configured to analyze sensitive behavior code, and a module configured to analyze sensitive data transmission code.
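A sketch of the first two modules of the suspicion analysis unit (authority detection and component detection), run over a decoded `AndroidManifest.xml`. This is an added example, not code from the patent: the sensitive-permission shortlist, the sample manifest, the function names and the rule that an app is suspicious when it holds a sensitive permission and also exposes an unguarded open component are all assumptions.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
# Assumed shortlist of sensitive permissions; the patent page does not enumerate them.
SENSITIVE = {"android.permission.SEND_SMS", "android.permission.READ_CONTACTS",
             "android.permission.RECORD_AUDIO", "android.permission.ACCESS_FINE_LOCATION"}
COMPONENT_TAGS = ("activity", "service", "receiver", "provider")

# Constructed sample manifest (decoded text form), not taken from any real app.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.demo">
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <application>
    <service android:name=".SmsRelayService">
      <intent-filter><action android:name="com.example.demo.SEND"/></intent-filter>
    </service>
    <receiver android:name=".GuardedReceiver" android:exported="true"
              android:permission="android.permission.SEND_SMS"/>
    <activity android:name=".InternalActivity" android:exported="false"/>
  </application>
</manifest>"""

def sensitive_permissions(root):
    """Authority detection: requested permissions that are on the sensitive list."""
    requested = {e.get(ANDROID + "name") for e in root.iter("uses-permission")}
    return sorted(requested & SENSITIVE)

def open_components(root):
    """Component detection: components other apps can reach without holding a permission."""
    app = root.find("application")
    app_perm = app.get(ANDROID + "permission") if app is not None else None
    found = []
    for comp in root.iter():
        if comp.tag not in COMPONENT_TAGS:
            continue
        exported = comp.get(ANDROID + "exported")
        if exported is None:
            # Legacy default: an intent-filter implies exported (providers simplified to the same rule).
            exported = "true" if comp.find("intent-filter") is not None else "false"
        if exported == "true" and not (comp.get(ANDROID + "permission") or app_perm):
            found.append((comp.tag, comp.get(ANDROID + "name")))
    return found

def is_suspicious(manifest_xml):
    """Assumed triage rule: a sensitive permission plus at least one unguarded open component."""
    root = ET.fromstring(manifest_xml)
    perms, comps = sensitive_permissions(root), open_components(root)
    return bool(perms and comps), perms, comps
```

Apps flagged this way would then go to the leakage path analysis unit, which the manifest alone cannot replace: it only shows that a path from an open component to a sensitive API is possible, not that one exists in the code.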

Description

Technical field

[0001] The invention provides a comprehensive static analysis system for Android privilege escalation attacks, in particular a system for detecting capability leakage vulnerabilities that may lead to privilege escalation attacks.

Background technique

[0002] In order to resist the potential abuse of private information, Android proposes a permission-based security model. Before each application is installed, it must explicitly request a series of required permissions from the user, which may reveal the malicious intent of the program. However, an emerging threat known as privilege escalation attacks can bypass this privilege authorization mechanism. This model targets grant lists that contain suspiciously sensitive permissions that could lead to malicious uses. By utilizing this threat model, private information acquisition and sending permissions will be distributed to different applications. Sensitive operation access can be similarly changed, ...


Application Information

IPC(8): G06F21/57
Inventor 茅兵钟杨忆冰辛知陈平陈惠羽
Owner NANJING UNIV