Computer Science

Computer Science ›› 2014, Vol. 41 ›› Issue (Z6): 343-346.

Previous Articles     Next Articles

Utilization Pattern Based Android Root Vulnerability Analysis

YANG Chao,LIU Wen-qing,ZHANG Wei and CHEN Yun-fang   

  • Online:2018-11-14 Published:2018-11-14

PDF (PC)

479

Abstract: Malware on android platform can bypass the conventional android security mechanisms through the privilege escalation process.Due to the android fragmentation phenomenon,the emergence of root vulnerabilities in utilization patterns and scopes strongly urges the researchers’ exhaustive understanding of these mechanisms to implement corresponding security policy.The categorization of android root vulnerabilities was proposed based on their utilization patterns of whether they can be directly utilized on the mobile terminal.And then a detailed description of the existing vulnerabilities in the implementation particulars,exploit patterns,as well as coverage was presented to help to further develop the vulnerability detection program.

Key words: Android root,Privilege escalation process,Vulnerability analysis

[1] Zhang Q,Li X,Yu X,et al.ASF:Improving Android Security with Layered Structure Instrumentation[M]∥Contemporary Research on E-business Technology and Strategy.Springer Berlin Heidelberg,2012:147-157
[2] Ongtang M,McLaughlin S,Enck W,et al.Semantically rich application-centric security in Android[J].Security and Communication Networks,2012,5(6):658-673
[3] Bartel A,Klein J,Le Traon Y,et al.Automatically securing permission-based software by reducing the attack surface:An application to Android[C]∥2012Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering (ASE).IEEE,2012:274-277
[4] Zhou Y,Jiang X.Dissecting Android malware:Characterizationand evolution[C]∥2012IEEE Symposium on Security and Privacy (SP).IEEE,2012:95-109
[5] Jang W J,Cho S W,Lee H W,et al.Rooting attack detection method on the Android-based smart phone[C]∥2011International Conference on Computer Science and Network Technology (ICCSNT).IEEE,2011,1:477-481
[6] SEAndroid.http://selinuxproject.org/page/SEAndroid
[7] Android fragmentation.http://www.webopedia.com/TE-RM/F/fragmentation.html
[8] XDA.http://forum.xda-developers.com
[9] 福布斯中文网[EB/OL].201206恶意软件可借由充电器入侵iPhone手机,http://www.forbeschina.com/review/201306/0026176.shtml
[10] KingRoot.http://www.pc6.com/az/75398.html
[11] SuperOneclick.http://luozhihao.wodemo.com/file/92858
[12] Z4Root http://forum.xda-developers.com/showthread.php?t=833953
[13] Framaroot.http://forum.xda-developers.com/showthre-ad.php?t=2130276
[14] Rageagainstthecage.https://github.com/bibanon/An-droid-development-codex/wiki/rageagainstthecage
[15] GingerBreak.http://c-skills.blogspot.com/2011/04/yummy-ymuuy-gingerbreak.html
[16] CVE-2012-0056.http://web.nvd.nist.gov/view/vuln/d-etail?vulnId=CVE-2012-0056
[17] CVE-2013-2094.http://web.nvd.nist.gov/view/vuln/de-tail?vulnId=CVE-2013-2094
[18] Root exploit on Exynos. http://forum.xda-developers.com/showthread.php?t=2048511
[19] CVE-2013-2596.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2596
[20] Revolutionary-zergRush local root 2.2/2.3.http://forum.xdadevelopers.com/showthread.php?t=1296916
[21] ADB Restore.http://forum.xda-developers.com/showth-read.php?t=1439429
No related articles found!
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.