File Download
  Links for fulltext
     (May Require Subscription)
Supplementary

Conference Paper: A privilege escalation vulnerability checking system for android applications

TitleA privilege escalation vulnerability checking system for android applications
Authors
KeywordsApplication platforms
Linux kernel
Mobile platform
Open sources
Runtimes
Issue Date2011
PublisherIEEE. The Journal's web site is located at http://ieeexplore.ieee.org/xpl/conhome.jsp?punumber=1000099
Citation
The 13th IEEE International Conference on Communication Technology (ICCT 2011), Jinan, China, 25-28 September 2011. In Proceedings of 13th ICCT, 2011, p. 681-686 How to Cite?
AbstractAndroid is a free, open source mobile platform based on the Linux kernel. The openness of the application platform attracts developers, both benign and malicious. Android depends on privilege separation to isolate applications from each other and from the system. However, a recent research reported that a genuine application exploited at runtime or a malicious application can escalate granted permissions. The attack depends on a carelessly designed application which fails to protect the permissions granted to it. In this research, we propose a vulnerability checking system to check if an application can be potentially leveraged by an attacker to launch such privilege escalation attack. We downloaded 1038 applications from the wild and found 217 potentially vulnerable applications that need further inspection.
Persistent Identifierhttp://hdl.handle.net/10722/139985
ISBN
References

 

DC FieldValueLanguage
dc.contributor.authorChan, PPFen_US
dc.contributor.authorHui, CKen_US
dc.contributor.authorYiu, SMen_US
dc.date.accessioned2011-09-23T06:04:25Z-
dc.date.available2011-09-23T06:04:25Z-
dc.date.issued2011en_US
dc.identifier.citationThe 13th IEEE International Conference on Communication Technology (ICCT 2011), Jinan, China, 25-28 September 2011. In Proceedings of 13th ICCT, 2011, p. 681-686en_US
dc.identifier.isbn978-1-61284-307-0-
dc.identifier.urihttp://hdl.handle.net/10722/139985-
dc.description.abstractAndroid is a free, open source mobile platform based on the Linux kernel. The openness of the application platform attracts developers, both benign and malicious. Android depends on privilege separation to isolate applications from each other and from the system. However, a recent research reported that a genuine application exploited at runtime or a malicious application can escalate granted permissions. The attack depends on a carelessly designed application which fails to protect the permissions granted to it. In this research, we propose a vulnerability checking system to check if an application can be potentially leveraged by an attacker to launch such privilege escalation attack. We downloaded 1038 applications from the wild and found 217 potentially vulnerable applications that need further inspection.-
dc.languageengen_US
dc.publisherIEEE. The Journal's web site is located at http://ieeexplore.ieee.org/xpl/conhome.jsp?punumber=1000099-
dc.relation.ispartofProceedings of the IEEE International Conference on Communication Technology, ICCT 2011en_US
dc.rightsCreative Commons: Attribution 3.0 Hong Kong License-
dc.rightsProceedings of the IEEE International Conference on Communication Technology. Copyright © IEEE.-
dc.rights©2011 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.-
dc.subjectApplication platforms-
dc.subjectLinux kernel-
dc.subjectMobile platform-
dc.subjectOpen sources-
dc.subjectRuntimes-
dc.titleA privilege escalation vulnerability checking system for android applicationsen_US
dc.typeConference_Paperen_US
dc.identifier.emailChan, PPF: pfchan@cs.hku.hken_US
dc.identifier.emailHui, CK: hui@cs.hku.hken_US
dc.identifier.emailYiu, SM: smyiu@cs.hku.hk-
dc.identifier.authorityHui, CK=rp00120en_US
dc.identifier.authorityYiu, SM=rp00207en_US
dc.description.naturepublished_or_final_version-
dc.identifier.doi10.1109/ICCT.2011.6157963-
dc.identifier.scopuseid_2-s2.0-84858248477-
dc.identifier.hkuros192246en_US
dc.relation.referenceshttp://www.scopus.com/mlt/select.url?eid=2-s2.0-84858248477&selection=ref&src=s&origin=recordpage-
dc.identifier.spage681-
dc.identifier.epage686-
dc.description.otherThe 13th IEEE International Conference on Communication Technology (ICCT 2011), Jinan, China, 25-28 September 2011. In Proceedings of 13th ICCT, 2011, p. 681-686-
dc.identifier.scopusauthoridChan, PPF=52563246100-
dc.identifier.scopusauthoridHui, LCK=8905728300-
dc.identifier.scopusauthoridYiu, SM=7003282240-

Export via OAI-PMH Interface in XML Formats


OR


Export to Other Non-XML Formats