期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

Android智能手机渗透测试研究 被引量:3

RESEARCH ON PENETRATION TEST FOR ANDROID-BASED SMARTPHONE
下载PDF
导出
摘要 渗透测试技术大多局限于对传统操作系统及网络的测试评估,并未涉及移动互联网环境下安全问题。为此实现一种移动互联网环境下针对移动智能终端的渗透测试方案。该方案利用实际的移动互联网络环境搭建测试平台,通过模拟多种网络攻击对Android智能手机在吞吐量、网页响应时间、CPU使用率以及能耗等性能变化进行测试。结果表明,针对链路层的拒绝服务攻击,会话截取以及中间人攻击都能成功对Android系统实施攻击,对Android系统造成威胁。此外,泛洪类拒绝服务攻击对移动智能终端的电量的消耗非常明显。此研究成果为Android系统安全的检测和防御提供了依据。 Penetration testing technology is mostly confined to testing and evaluating traditional operating systems and networks, but does not address the security issues in mobile internet environment.And for that, in the paper we implement a penetration testing scheme for intelligent mobile terminals in mobile internet environment. The scheme constructs the test platform using practical mobile internet environment, and tests the performances variation of Android-based smartphone in terms of throughput, webpage response time, CPU utilisation and power consumption, etc., by simulating multiple networks attacks.Results show that the attacks targeted at link-layer including the denial-of-service attack, man-in-the-middle attack and session hijacking attack are all success in attacking the Android system and cause menace on the system.Besides, the flooding type of DoS attack is very detrimental to power consumption of the smartphone.This research outcome provides a basis for the detection and prevention of Android system security.
作者 张靖 彭新光
机构地区 太原理工大学计算机科学与技术学院
出处 《计算机应用与软件》 CSCD 北大核心 2014年第12期29-32,共4页 Computer Applications and Software
基金 山西省自然科学基金项目(2009011022-2) 山西省留学基金项目(2009-28)
关键词 智能手机 安卓 渗透测试 安全漏洞 网络攻击 Smartphone Android Penetration test Security vulnerabilities Network attack
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献10

  • 1William G J Halfond,Shauvik Roy Choudhary,Alessandro Orso.Improving penetration testing through static and dynamic analysis[J].Software Testing,Verifieation&Reliability,2011,21(3):195-214.
  • 2Lu Shen,Liang Xiaoyan,Yang Bo.Automatic Generation for Penetration Testing Scheme Analysis Model for Network[C]//Proceeding of Computational and Information Sciences,2011 International Conference,USA:IEEE Computer Society.2011:821-826.
  • 3Nuno Antunes,Mareo Vieira.Benchmarking Vulnerability Detection Tools for Web Services[C]//Proceeding of Web Services,2010 IEEE International Conference,USA:IEEE Computer Society.2010:203-210.
  • 4Becher M,Freiling F C,Hoffmann J,et al.Mobile Security Catching Up?Revealing the Nuts and Bolts of the Security of Mobile Devices[C]//Proceedings of the 2011 IEEE Symposium on Security and Privacy,USA:IEEE Computer Society.2011:96-111.
  • 5Caviglione L,Merlo A,Migliardi M.What is Green Security[C]//Proceedings of the 7th International Conference on Information Assurance and Security,USA:IEEE Computer Society.2011:366-371.
  • 6Caviglione L,Merlo A.The energy impact of security mechanisms in modern mobile devices[J].Network Security,2012:12-14.
  • 7Portokalidis G,Homburg P,Anagnostakis K.Paranoid Android:Versatile Protection For Smartphones[C]//Proceedings of the 26th Annual Computer Security Applications Conference,USA:ACM.2010:347-356.
  • 8La Polla,Martinelli M,F Sgandurra D.A Survey on Security for Mobile Devices[J].Communications Surveys&Tutorials,IEEE,2013,15(1):446-471.
  • 9Schmidt A D,Bye R,Schmidt H G,et al.Static Analysis of Executables for Collaborative Malware Detection on Android[C]//Proceedings of the 2009 IEEE international conference on Communications,USA:IEEE Computer Society.2009:14-18.
  • 10王晓聪,张冉,黄赪东.渗透测试技术浅析[J].计算机科学,2012,39(B06):86-88. 被引量:11

二级参考文献13

共引文献10

同被引文献25

引证文献3

二级引证文献9

计算机应用与软件
2014年 第12期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部