Method and system for vulnerability discovery of Android system

A vulnerability mining and vulnerability technology, which is applied in the field of Android system vulnerability mining, can solve the problems of security vulnerabilities, no solution for Android system vulnerability mining, and not strict data verification, so as to achieve the effect of stable operation and improved terminal user experience

Active Publication Date: 2016-01-13
北京鸿享技术服务有限公司
View PDF4 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In the process of interaction between Android system service process and application process, that is, in the process of interaction between high-privilege process and low-privilege process, if the high-privilege system service process does not strictly verify the data sent by the low-privilege application process, it may cause security breach
However, there is no solution for Android system vulnerability mining in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for vulnerability discovery of Android system
  • Method and system for vulnerability discovery of Android system
  • Method and system for vulnerability discovery of Android system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0051] Embodiments of the present invention are described in detail below, examples of which are shown in the drawings, wherein the same or similar reference numerals designate the same or similar elements or elements having the same or similar functions throughout. The embodiments described below by referring to the figures are exemplary only for explaining the present invention and should not be construed as limiting the present invention.

[0052] Those skilled in the art will understand that unless otherwise stated, the singular forms "a", "an", "said" and "the" used herein may also include plural forms. It should be further understood that the word "comprising" used in the description of the present invention refers to the presence of said features, integers, steps, operations, elements and / or components, but does not exclude the presence or addition of one or more other features, Integers, steps, operations, elements, components, and / or groups thereof. It will be unders...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a method and a system for vulnerability discovery of an Android system. The method comprises the following steps: obtaining a function corresponding to any Android system service interface and parameter type information matched with the function; generating a random parameter matched with the function on the basis of the parameter type information; executing call processing through the Android system service interface on the basis of the function and the random parameter matched with the function, and extracting an execution result log; and judging whether a system vulnerability exists in the Android system service interface according to the execution result log. According to the method and the system, the condition that call processing is executed through the Android system service interface is actively simulated; and the system crash condition is examined after call processing is ended, so that the call processing, which causes the crash, when executed by the Android system service interface in a practical application scene can be accurately predicted; and a repairing plan and a reliable basis can be provided for the discovered system vulnerabilities.

Description

technical field [0001] The present invention relates to the technical field of wireless mobile communication, in particular, the present invention relates to a method and device for exploiting Android system vulnerabilities. Background technique [0002] With the rapid development of technology, smart terminals have become an indispensable communication product. Smart terminals with powerful functions and rich user experience have brought great convenience to people's lives. Due to the high utilization rate of smart terminals, a large number of applications carried on smart terminals have emerged as the times require. In smart terminals, Android system services usually run in high-privilege system service processes, such as System_Server service process, mediaServer service process, etc. Third-party applications usually run in low-privilege application processes, and Android system service processes provide System service, the application process calls the functions provide...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/57
CPCG06F21/57G06F21/577G06F2221/033
Inventor 龚广
Owner 北京鸿享技术服务有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap