• Title of article

    Towards a Formal Approach for Detection of Vulnerabilities in the Android Permissions System

  • Author/Authors

    Sayyadabdi, Amirhosein (Department of Software Engineering - Faculty of Computer Engineering - University of Isfahan); Tork Ladani, Behrouz (Department of Software Engineering - Faculty of Computer Engineering - University of Isfahan); Zamani, Bahman (MDSE Research Group, Department of Software Engineering - University of Isfahan)

  • From page
    61
  • To page
    69
  • Abstract
    Android is a widely used operating system that employs a permission-based access control model. The Android Permissions System (APS) is responsible for mediating application resource requests. APS is a critical component of the Android security mechanism; hence, a failure in the design of APS can potentially lead to vulnerabilities that grant unauthorized access to resources by malicious applications. In this paper, we present a formal approach for modeling and verifying the security properties of APS. We demonstrate the usability of the proposed approach by showcasing the detection of a well-known vulnerability found in Android’s custom permissions.
  • Keywords
    Android Security, Formal Methods, Verification
  • Journal title
    ISeCure - The ISC International Journal of Information Security
  • Record number

    2759946