
Security defense method and device of Android privilege escalation attack based on integrity verification

A technique based on integrity verification and privilege escalation, applied in the field of information security. It addresses the lag in defensive effect and the insufficient timeliness of earlier defenses, and it improves security while reducing security threats.

Active Publication Date: 2017-08-04
INST OF INFORMATION ENG CAS

AI Technical Summary

Problems solved by technology

This restricts malicious processes that have illegally obtained Root privileges from accessing protected system resources, thereby constraining the process's other malicious behaviors.
The above method defends only once the malicious process has already illegally obtained Root permission and tries to access key resources, rather than when the process is trying to obtain Root permission. The defense effect therefore lags and is not timely enough.



Embodiment Construction

[0048] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments are described clearly and completely below in conjunction with the drawings. The described embodiments are some, but not all, of the embodiments of the present invention. All other embodiments obtained by persons of ordinary skill in the art on the basis of these embodiments, without creative effort, fall within the protection scope of the present invention.

[0049] Hijacking kernel control flow by modifying kernel function pointers is a common privilege escalation attack mode. The malicious program first injects a piece of privilege escalation attack code into the memory space; it then uses a privilege escalation vulnerability of the Android system to locate and modify the kernel function pointer to poin...


Abstract

The invention relates to a security defense method and device for Android privilege escalation attacks based on integrity verification. The method comprises: detecting in real time whether an application is executing system calls associated with sensitive kernel functions; performing integrity verification on the sensitive kernel functions that the system calls are about to execute; checking the accuracy and reliability of the kernel function pointers corresponding to those sensitive kernel functions; evaluating whether the memory pointed to by the kernel function pointers contains instructions with privilege escalation attack features; and warning about and blocking detected application privilege escalation attacks. The method and device detect the privilege escalation attack behavior of malicious programs in real time and warn about and block it, preventing the damage such attacks cause to the Android system and effectively protecting the security of applications and data. They reduce the security threats that privilege escalation vulnerabilities pose to the Android system and enhance the security of the Android system.
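An added illustration of the kernel function pointer check the abstract describes, written as a user-space C simulation; it is not code from the patent. The address bounds, table entries, function names and the two checks used (comparison with a recorded baseline and a kernel-text range test) are assumptions, since the page does not say how the pointer is verified.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed bounds of the trusted kernel text (assumed values). */
#define KTEXT_START ((uintptr_t)0xC0008000UL)
#define KTEXT_END   ((uintptr_t)0xC0800000UL)
enum verdict { PTR_OK, PTR_MODIFIED, PTR_OUTSIDE_TEXT };

/* One sensitive kernel function pointer and its known-good value. */
struct guarded_ptr {
    const char *name;     /* hypothetical label */
    uintptr_t   current;  /* value the kernel would jump through now */
    uintptr_t   baseline; /* value recorded while the system was trusted */
};

/* Constructed table standing in for the sensitive pointers. */
static struct guarded_ptr table[] = {
    { "sensitive_fn_a", 0xC0123450UL, 0xC0123450UL },
    { "sensitive_fn_b", 0xC0456780UL, 0xC0456780UL },
};
#define NPTRS (sizeof table / sizeof table[0])

/* Integrity check for pointer idx (caller guarantees idx < NPTRS). */
enum verdict check(size_t idx)
{
    const struct guarded_ptr *p = &table[idx];
    if (p->current < KTEXT_START || p->current >= KTEXT_END)
        return PTR_OUTSIDE_TEXT;  /* target is not kernel code at all */
    if (p->current != p->baseline)
        return PTR_MODIFIED;      /* in kernel text, but not the original */
    return PTR_OK;
}

/* Gate run before a system call uses pointer idx: 0 = allow, -1 = block. */
int gate_syscall(size_t idx)
{
    return (idx < NPTRS && check(idx) == PTR_OK) ? 0 : -1;
}

/* Simulate a write to a guarded pointer (demo and test helper). */
void set_ptr(size_t idx, uintptr_t v) { if (idx < NPTRS) table[idx].current = v; }

int main(void)
{
    set_ptr(0, 0x40001000UL);  /* constructed address outside kernel text */
    printf("%s: verdict %d, gate %d\n", table[0].name, (int)check(0), gate_syscall(0));
    return 0;
}
```

The range test runs first so that a pointer redirected outside kernel text is reported as such rather than as a generic mismatch.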

Description

Technical field

[0001] The present invention relates to the technical field of information security, in particular to a security defense method and device for Android privilege escalation attacks based on integrity verification.

Background technique

[0002] This section introduces readers to background technologies that may be related to various aspects of the present invention, and it is believed that useful background information can be provided to readers, thereby helping readers to better understand various aspects of the present invention. Accordingly, it is to be understood that the descriptions in this section are for the purposes stated above and do not constitute admissions of prior art.

[0003] A privilege escalation attack is an attack method that exploits Android system vulnerabilities to illegally elevate the running privileges of applications. Taking advantage of the privilege escalation vulnerability in the Android system, malicious programs can bypass the pr...


Application Information

IPC(8): G06F21/55, G06F21/57
Inventor 朱大立李莹冯维淼杨莹金昊
Owner INST OF INFORMATION ENG CAS