检测Android应用的权限提升漏洞

Detecting the Privilege Escalation Vulnerabilities in Android Applications

利用Android平台的组件间通信机制,一个应用可以调用其他应用的某些功能,这使得应用间通信和数据共享很方便。为了保证系统的安全,Android操作系统使用了权限机制,即通过为敏感API设置访问权限来确保系统的安全。但是由于恶意应用可以通过组件间通信机制(ICC)利用其他应用暴露的组件间接地调用敏感API,从而提升自己的权限,导致权限提升漏洞,即一些没有敏感API访问权限的应用可以通过其他拥有相应权限的应用去访问敏感API。如果权限提升漏洞被恶意应用利用,就会使用户处于不安全的状态。本文提出了一种基于应用间污点流分析的方法,来检测两个应用之间是否存在权限提升漏洞。

Android applications can communicate with each other to share data with the ability of inter-component communication provided by Android. To protect the security of system, Android applications are not allowed to access sensitive APIs unless they have the corresponding permissions. But malicious applications can still call sensitive APIs indirectly through calling components exposed by other applications, leading to privilege escalation, i.e., applications without sensitive permissions can access sensitive APIs. Android system is insecure if privilege escalation is used by malicious applications. In this paper, we propose a method based on inter-application taint flow analysis to detect privilege escalation vulnerabilities between two Android applications.