國立虎尾科技大學 |

Towards Enhancing Android Application and System Security.

紀錄類型:	書目-語言資料,手稿 : Monograph/item
正題名/作者:	Towards Enhancing Android Application and System Security./
作者:	Luo, Lannan.
面頁冊數:	1 online resource (113 pages)
附註:	Source: Dissertation Abstracts International, Volume: 79-04(E), Section: B.
Contained By:	Dissertation Abstracts International79-04B(E).
標題:	Computer science. -
電子資源:	click for full text (PQDT)
ISBN:	9780355331028

Towards Enhancing Android Application and System Security.
Luo, Lannan.

Towards Enhancing Android Application and System Security. - 1 online resource (113 pages)

Source: Dissertation Abstracts International, Volume: 79-04(E), Section: B.

Thesis (Ph.D.)

Includes bibliographical references

The market for smartphones has been booming in the past few years. Android dominates the market with 87.5% of the global smartphone shipments and over 65 billion Android apps downloaded. With the unprecedented popularity of Android devices, however, a dramatically increasing number of security threats are posing to Android applications and systems. Tremendous efforts from both industry and academia have been made to mitigate the threats to secure Android. This dissertation mainly focuses on two severe threats: Android App repackaging and Android Framework vulnerabilities, and propose techniques and approaches to address them and, hence, enhance Android application and system security.

Electronic reproduction.
Ann Arbor, Mich. :
ProQuest,
2018

Mode of access: World Wide Web

ISBN: 9780355331028Subjects--Topical Terms:

573171
Computer science.
Index Terms--Genre/Form:

554714
Electronic books.

Towards Enhancing Android Application and System Security.
LDR:04009ntm a2200385Ki 4500 001 909062
005 20180419104825.5
006 m o u
007 cr mn||||a|a||
008 190606s2017 xx obm 000 0 eng d
020 $a 9780355331028
035 $a (MiAaPQ)AAI10666560
035 $a AAI10666560
040 $a MiAaPQ $b eng $c MiAaPQ
099 $a TUL $f hyy $c available through World Wide Web
100 1 $a Luo, Lannan. $3 1179582
245 1 0 $a Towards Enhancing Android Application and System Security.
264 0 $c 2017
300 $a 1 online resource (113 pages)
336 $a text $b txt $2 rdacontent
337 $a computer $b c $2 rdamedia
338 $a online resource $b cr $2 rdacarrier
500 $a Source: Dissertation Abstracts International, Volume: 79-04(E), Section: B.
500 $a Adviser: Peng Liu.
502 $a Thesis (Ph.D.) $c The Pennsylvania State University $d 2017.
504 $a Includes bibliographical references
520 $a The market for smartphones has been booming in the past few years. Android dominates the market with 87.5% of the global smartphone shipments and over 65 billion Android apps downloaded. With the unprecedented popularity of Android devices, however, a dramatically increasing number of security threats are posing to Android applications and systems. Tremendous efforts from both industry and academia have been made to mitigate the threats to secure Android. This dissertation mainly focuses on two severe threats: Android App repackaging and Android Framework vulnerabilities, and propose techniques and approaches to address them and, hence, enhance Android application and system security.
520 $a First, we propose a decentralized Android app repackaging detection scheme to impede the prevalent app repackaging problem in the market. Existing countermeasures mostly detect repackaging based on app similarity measurement and rely on a central party to perform detection. However, the centralized scheme is unscalable and the detection techniques tend to be imprecise when handling obfuscated apps, resulting in many repackaged apps escaping detection and being widely distributed in the market. To solve the problem, we propose a decentralized repackaging detection scheme, which adds the repackaging detection capability into the code of an app, such that repackaging detection becomes an inherent part of the app when it is released.
520 $a Second, we design and build the first system that enables symbolic execution of Android Framework to automatically discover vulnerabilities and generate exploits. Android Framework is an integral and foundational part of the Android system. Each of the 1.4 billion Android devices relies on the system services of Android Framework to manage applications and system resources. Given its critical role, a vulnerability in the framework can be exploited to launch large-scale cyber attacks and cause severe harms to user security and privacy. Recently, many vulnerabilities in Android Framework were exposed, showing that it is vulnerable and exploitable. However, most existing research has been limited to analyzing Android applications, while there are very few techniques and tools developed for analyzing Android Framework. To fill the gap, we develop the first system that analyzes the framework through symbolic execution, and demonstrate how the system can be applied to discovering new vulnerability instances and generating PoC exploits.
520 $a Given that symbolic execution has proven to be a very useful technique, we plan to apply the system to other purposes in future work, such as automatic API specification generation, fine-grained malware analysis, and testing.
533 $a Electronic reproduction. $b Ann Arbor, Mich. : $c ProQuest, $d 2018
538 $a Mode of access: World Wide Web
650 4 $a Computer science. $3 573171
650 4 $a Information science. $3 561178
650 4 $a Computer engineering. $3 569006
655 7 $a Electronic books. $2 local $3 554714
690 $a 0984
690 $a 0723
690 $a 0464
710 2 $a ProQuest Information and Learning Co. $3 1178819
710 2 $a The Pennsylvania State University. $b Information Sciences and Technology. $3 1179583
773 0 $t Dissertation Abstracts International $g 79-04B(E).
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=10666560 $z click for full text (PQDT)