A Privilege Escalation Attack Detection Framework for Android using IPC Tracking
- A Privilege Escalation Attack Detection Framework for Android using IPC Tracking
- Date Issued
- Malicious applications can access and send out sensitive resources through a network.
To detect this unwanted data access and leakages, Android system enforce the per-
missions mechanism to applications to access sensitive resources. However, because
of the vulnerability of the inter-process communications(IPC) structure in the exist-
ing Android framework, malicious third-party applications can trick the permissions
system and access sensitive resources (Privilege Escalation Attack). Consequently,
non-permitted applications can access sensitive resources by making a route through
the permitted applications. In this thesis, we proposed an ecient detection scheme
for handling these privacy issues by modifying the Android framework. We created
call-chains of requests for resources by hooking all the IPCs. With the call-chains, we
can track the requests for sensitive resources and nd out the provenance of request.
By checking the permissions of the caller application, we can detect access to sensi-
tive resources from non-permitted applications. In this way we can provide a secure
framework for preventing the unwanted data leakage from malicious application
- Article Type
- Files in This Item:
- There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.