Netinfo Security ›› 2016, Vol. 16 ›› Issue (2): 15-21.doi: 10.3969/j.issn.1671-1122.2016.02.003

• Orginal Article • Previous Articles     Next Articles

Design and Implementation of Privilege Escalation Attack Detecting System Based on Android Platform

Tao ZHANG1, Bei PEI2(), Weiping WEN3, Zhong CHEN1   

  1. 1. School of Electronics Engineering & Computer Sciences, Peking University, Beijing 100871,China
    2. Key Lab of Information Network Security of Ministry of Public Security, Shanghai 201204,China
    3. School of Software and Microelectronics, Peking University, Beijing 102600, China
  • Received:2015-12-27 Online:2016-02-10 Published:2020-05-13

Abstract:

Along with the rapid development of Android mobile operation system, its security issue has taken attentions. In the Android, it is necessary to apply the authorities to the system for sensitive operations. Although some system modules related to authority control have been designed in the Android, the attackers still can use the system vulnerabilities or third party program vulnerabilities to carry out the privilege escalation attack, and then illegally use some functions beyond their application permissions. This kind of attack is not only a great threat to the security of the system, but also has the feature of concealment. Based on the analysis and innovation on the past research, this paper proposes a new light weight method for detecting the privilege escalation attack, which uses the control flow detection and Android sensitive authority dictionary matching. In addition, detection software with high degree of automation and high detection efficiency is designed and implemented on the basis of privilege escalation attack detecting method.

Key words: privilege escalation attack, detection, Android, control flow, authority dictionary

CLC Number: