Welcome to Journal of University of Chinese Academy of Sciences,Today is

›› 2014, Vol. 31 ›› Issue (6): 827-835.DOI: 10.7523/j.issn.2095-6134.2014.06.015

Previous Articles     Next Articles

Android inter-application communication vulnerability mining technique based on Fuzzing

WANG Kai, LIU Qixu, ZHANG Yuqing   

  1. National Computer Network Intrusion Protection Center, University of Chinese Academy of Science, Beijing 101408, China
  • Received:2013-09-27 Revised:2014-01-03

Abstract:

If an Android application could not protect its private components well in the process of inter-application communication, there would exist exposed component vulnerabilities. The current vulnerability mining technique cannot identify such vulnerabilities accurately. To solve this problem, we propose a new vulnerability mining method which combines Fuzzing with reverse analysis, and design a vulnerability mining tool named KMDroid. Experimental results show that KMDroid can discover the vulnerability of inter-application communication effectively.

Key words: Android, Fuzzing, reverse analysis, inter-application communication, vulnerabilities

CLC Number: