Full metadata record
DC FieldValueLanguage
dc.contributorDepartment of Computingen_US
dc.contributor.advisorChang, Rocky (COMP)-
dc.creatorWu, Daoyuan-
dc.identifier.urihttps://theses.lib.polyu.edu.hk/handle/200/7936-
dc.languageEnglishen_US
dc.publisherHong Kong Polytechnic University-
dc.rightsAll rights reserveden_US
dc.titleDetecting file:// and exposed component vulnerabilities in Android appsen_US
dcterms.abstractIn only a few years, smartphones have already become indispensable tools for many people to manage their daily lives. However, our privacy and security are constantly threatened by mobile malwares and vulnerable mobile apps. Detecting these malwares and uncovering vulnerable apps is therefore one of the most pressing problems confronting the security research community. This thesis considers two main security problems in Android platform, the most popular mobile operating system to date. First, we identify four types of attacks in Android browsers, collectively known as FileCross that exploits the vulnerable file:// interfaces to obtain user’s private files, such as cookies, bookmarks, and browsing histories. We design an automated system to dynamically test 115 browser apps collected from Google Play and find that 64 of them being vulnerable to the attacks. They include the popular Firefox, Baidu and Maxthon browsers, and the more application-specific ones, including UC Browser HD for tablet users, Wikipedia Browser, and Kids Safe Browser. A detailed analysis of these browsers further shows that 26 browsers (23%) expose their browsing interfaces unintentionally. In response to our reports, the developers concerned promptly patched their browsers by forbidding file:// access to private file zones, disabling JavaScript execution in file:// URLs, or even blocking external file:// URLs. We employ the same system to validate the ten patches received from the developers and find one still failing to block the vulnerability.en_US
dcterms.abstractThe second problem is related to the fundamental feature of Androidthe component-based communicationin which apps can utilize other apps' exported components for flexible coding and data sharing. In return for this convenience, the exported components, if not well designed, will run into serious security risks. In this study, we consider a general class of vulnerabilities occurred in exported components, named exposed component vulnerability (ECV), which exposes privileged capabilities or private resources to other unauthorized apps. To detect these ECVs, the prior works use a set of sinks pertaining to the ECVs under detection. We argue that a more comprehensive and effective approach should start from a systematic selection and classification of vulnerability-specific sinks (VSinks). The set of VSinks employed in our study is much larger than those used in the previous works. Based on these VSinks, our sink-driven approach can detect different kinds of ECVs in an app in two steps. First, the VSinks and their categories are identified through a typical forward reachability analysis. Second, based on each VSink{174}s category, a corresponding detection method is used to identify the ECV via a customized backward dataflow analysis. We also design a semi-automated guided analysis and validation for system-only broadcast checking to remove some false positives. We implement our sink-driven approach in a tool called ECVDetector and evaluate it with the top 1K Android apps. We use ECVDetector to successfully identify a total of 49 vulnerable apps across all four ECV categories we have defined. To our knowledge, most of them are previously undisclosed, such as the very popular Go SMS Pro and Clean Master. Moreover, the performance of ECVDetector is high, requiring only 9.257 seconds on average to process each component.en_US
dcterms.extentix, 68 pages : illustrations ; 30 cmen_US
dcterms.isPartOfPolyU Electronic Thesesen_US
dcterms.issued2015en_US
dcterms.educationalLevelAll Masteren_US
dcterms.educationalLevelM.Phil.en_US
dcterms.LCSHApplication software -- Development.en_US
dcterms.LCSHMobile computing.en_US
dcterms.LCSHHong Kong Polytechnic University -- Dissertationsen_US
dcterms.accessRightsopen accessen_US

Files in This Item:
File Description SizeFormat 
b28068646.pdfFor All Users2.37 MBAdobe PDFView/Open


Copyright Undertaking

As a bona fide Library user, I declare that:

  1. I will abide by the rules and legal ordinances governing copyright regarding the use of the Database.
  2. I will use the Database for the purpose of my research or private study only and not for circulation or further reproduction or any other purpose.
  3. I agree to indemnify and hold the University harmless from and against any loss, damage, cost, liability or expenses arising from copyright infringement or unauthorized usage.

By downloading any item(s) listed above, you acknowledge that you have read and understood the copyright undertaking as stated above, and agree to be bound by all of its terms.

Show simple item record

Please use this identifier to cite or link to this item: https://theses.lib.polyu.edu.hk/handle/200/7936