Research Article
Risk Measurement Method of Collusion Privilege Escalation Attacks for Android Apps Based on Feature Weight and Behavior Determination
Table 1
Key code of privilege escalation attack case.
| | | Com1 of App1 | Com2 of App2 | Com3 of App3 |
| | Application permission AppP | NULL | <uses-permission android:name = “android.permission.SEND_SMS”/> | NULL | | Component permissionComP | NULL | app’s has SEND_SMS permission | android:permission = “android.permission.SEND_SMS” | | Component < intent-filter> | NULL | <action android:name = “sendInfro”/> | <action android:name = “sendInfromationSMS”/> | | Sensitive API calls | NULL | void enforceReceiveAndSend(
Java.lang.String) | void enforceReceiveAndSend(
Java.lang.String) | Sensitive data flow pairs
Component Intent communication | <sourc, sink>
Intent intentA = new Intent(“sendInfro”);
Bundle bundleA = new Bundle();
bundleA.putString(“userTel1”, edtTel.getText().toString());
intentA.putExtras(bundleA);
startActivity(intentA); | <sourc, sink>
Bundle budle = this.getIntent().getExtras();
keyStr = budle.getString(“userTel1”);Intent intentB = new Intent(“sendInfromationSMS”);
Bundle bundleB = new Bundle();
bundleB.putString(“keyInfro”,keyStr);
intentB.putExtras(bundle2);
startActivity(intentB); | <sourc, sink>
Bundle bundleC = this.getIntent().getExtras();
sendStr = bundleC.getString(“keyInfro”);
String phoneNo = “XXXXXXXXXXX”;
String message = sendStr;
SmsManagersmsManager = SmsManager.getDefault();
smsManager.sendTextMessage(phoneNo, null, message, null, null); | | Number of sensitive data transitions | 2 | 1 | 1 |
|
|
