• DocumentCode
    3388697
  • Title

    A privilege escalation vulnerability checking system for android applications

  • Author

    Chan, Patrick P F ; Hui, Lucas C K ; Yiu, S.M.

  • Author_Institution
    Dept. of Comput. Sci., Univ. of Hong Kong, Hong Kong, China
  • fYear
    2011
  • fDate
    25-28 Sept. 2011
  • Firstpage
    681
  • Lastpage
    686
  • Abstract
    Android is a free, open source mobile platform based on the Linux kernel. The openness of the application platform attracts developers, both benign and malicious. Android depends on privilege separation to isolate applications from each other and from the system. However, a recent research reported that a genuine application exploited at runtime or a malicious application can escalate granted permissions. The attack depends on a carelessly designed application which fails to protect the permissions granted to it. In this research, we propose a vulnerability checking system to check if an application can be potentially leveraged by an attacker to launch such privilege escalation attack. We downloaded 1038 applications from the wild and found 217 potentially vulnerable applications that need further inspection.
  • Keywords
    Linux; operating systems (computers); security of data; Android applications; Linux kernel; malicious application; open source mobile platform; privilege escalation vulnerability checking system; Androids; History; Humanoid robots; Java; Operating systems; Receivers; Security;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Communication Technology (ICCT), 2011 IEEE 13th International Conference on
  • Conference_Location
    Jinan
  • Print_ISBN
    978-1-61284-306-3
  • Type

    conf

  • DOI
    10.1109/ICCT.2011.6157963
  • Filename
    6157963
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3388697