File Download
Links for fulltext
(May Require Subscription)
- Publisher Website: 10.1109/ICCT.2011.6157963
- Scopus: eid_2-s2.0-84858248477
Supplementary
-
Citations:
- Scopus: 0
- Appears in Collections:
Conference Paper: A privilege escalation vulnerability checking system for android applications
| Title | A privilege escalation vulnerability checking system for android applications |
|---|---|
| Authors | |
| Keywords | Application platforms Linux kernel Mobile platform Open sources Runtimes |
| Issue Date | 2011 |
| Publisher | IEEE. The Journal's web site is located at http://ieeexplore.ieee.org/xpl/conhome.jsp?punumber=1000099 |
| Citation | The 13th IEEE International Conference on Communication Technology (ICCT 2011), Jinan, China, 25-28 September 2011. In Proceedings of 13th ICCT, 2011, p. 681-686 How to Cite? |
| Abstract | Android is a free, open source mobile platform based on the Linux kernel. The openness of the application platform attracts developers, both benign and malicious. Android depends on privilege separation to isolate applications from each other and from the system. However, a recent research reported that a genuine application exploited at runtime or a malicious application can escalate granted permissions. The attack depends on a carelessly designed application which fails to protect the permissions granted to it. In this research, we propose a vulnerability checking system to check if an application can be potentially leveraged by an attacker to launch such privilege escalation attack. We downloaded 1038 applications from the wild and found 217 potentially vulnerable applications that need further inspection. |
| Persistent Identifier | http://hdl.handle.net/10722/139985 |
| ISBN | |
| References |
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Chan, PPF | en_US |
| dc.contributor.author | Hui, CK | en_US |
| dc.contributor.author | Yiu, SM | en_US |
| dc.date.accessioned | 2011-09-23T06:04:25Z | - |
| dc.date.available | 2011-09-23T06:04:25Z | - |
| dc.date.issued | 2011 | en_US |
| dc.identifier.citation | The 13th IEEE International Conference on Communication Technology (ICCT 2011), Jinan, China, 25-28 September 2011. In Proceedings of 13th ICCT, 2011, p. 681-686 | en_US |
| dc.identifier.isbn | 978-1-61284-307-0 | - |
| dc.identifier.uri | http://hdl.handle.net/10722/139985 | - |
| dc.description.abstract | Android is a free, open source mobile platform based on the Linux kernel. The openness of the application platform attracts developers, both benign and malicious. Android depends on privilege separation to isolate applications from each other and from the system. However, a recent research reported that a genuine application exploited at runtime or a malicious application can escalate granted permissions. The attack depends on a carelessly designed application which fails to protect the permissions granted to it. In this research, we propose a vulnerability checking system to check if an application can be potentially leveraged by an attacker to launch such privilege escalation attack. We downloaded 1038 applications from the wild and found 217 potentially vulnerable applications that need further inspection. | - |
| dc.language | eng | en_US |
| dc.publisher | IEEE. The Journal's web site is located at http://ieeexplore.ieee.org/xpl/conhome.jsp?punumber=1000099 | - |
| dc.relation.ispartof | Proceedings of the IEEE International Conference on Communication Technology, ICCT 2011 | en_US |
| dc.subject | Application platforms | - |
| dc.subject | Linux kernel | - |
| dc.subject | Mobile platform | - |
| dc.subject | Open sources | - |
| dc.subject | Runtimes | - |
| dc.title | A privilege escalation vulnerability checking system for android applications | en_US |
| dc.type | Conference_Paper | en_US |
| dc.identifier.email | Chan, PPF: pfchan@cs.hku.hk | en_US |
| dc.identifier.email | Hui, CK: hui@cs.hku.hk | en_US |
| dc.identifier.email | Yiu, SM: smyiu@cs.hku.hk | - |
| dc.identifier.authority | Hui, CK=rp00120 | en_US |
| dc.identifier.authority | Yiu, SM=rp00207 | en_US |
| dc.description.nature | link_to_subscribed_fulltext | - |
| dc.identifier.doi | 10.1109/ICCT.2011.6157963 | - |
| dc.identifier.scopus | eid_2-s2.0-84858248477 | - |
| dc.identifier.hkuros | 192246 | en_US |
| dc.relation.references | http://www.scopus.com/mlt/select.url?eid=2-s2.0-84858248477&selection=ref&src=s&origin=recordpage | - |
| dc.identifier.spage | 681 | - |
| dc.identifier.epage | 686 | - |
| dc.description.other | The 13th IEEE International Conference on Communication Technology (ICCT 2011), Jinan, China, 25-28 September 2011. In Proceedings of 13th ICCT, 2011, p. 681-686 | - |
| dc.identifier.scopusauthorid | Chan, PPF=52563246100 | - |
| dc.identifier.scopusauthorid | Hui, LCK=8905728300 | - |
| dc.identifier.scopusauthorid | Yiu, SM=7003282240 | - |