DroidAuditor: Forensic Analysis of Application-Layer Privilege Escalation Attacks on Android (Short Paper)
| Autor: | Ahmad-Reza Sadeghi, Stephan Heuser, Marco Negro, Praveen Kumar Pendyala |
|---|---|
| Rok vydání: | 2017 |
| Předmět: |
Logic bomb
Computer science business.industry 020206 networking & telecommunications Access control 02 engineering and technology Static analysis Computer security computer.software_genre Application layer 020204 information systems 0202 electrical engineering electronic engineering information engineering Dynamic program analysis Android (operating system) business computer Mobile device Privilege escalation |
| Zdroj: | Financial Cryptography and Data Security ISBN: 9783662549698 Financial Cryptography |
| DOI: | 10.1007/978-3-662-54970-4_15 |
| Popis: | Smart mobile devices process and store a vast amount of security- and privacy-sensitive data. To protect this data from malicious applications mobile operating systems, such as Android, adopt fine-grained access control architectures. However, related work has shown that these access control architectures are susceptible to application-layer privilege escalation attacks. Both automated static and dynamic program analysis promise to proactively detect such attacks. Though while state-of-the-art static analysis frameworks cannot adequately address native and highly obfuscated code, dynamic analysis is vulnerable to malicious applications using logic bombs to avoid early detection. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|