Privilege Escalation Attack Detection Method for Android Applications
Download as PDF
DOI: 10.23977/CNCI2020091
Author(s)
Hui Li, Limin Shen, Chuan Ma, Meimei Wang, Honglei Tan and Hongwei Zhang
Corresponding Author
Limin Shen
ABSTRACT
For the problem of the user’s privacy data obtained through conspiracy attack with privilege escalation in a number of applications of the Android system, the detection method was proposed based on permission, component communication, data flow and role model. We classified the roles based on the detection of component’s communication, component’s permission and sensitive path pairs of application’s components, and finally the sensitive information flow paths in multi-role were detected, thereby the detection method constituting to privilege escalation attack for multi-application was ascertained. The experience result showed that we proposed method was effective for detect privilege escalation attack, and pointed out applications with potential security hazards.
KEYWORDS
Privilege escalation attack; privacy data; component communication; role model; sensitive path pairs