Analyze sensitive information transmission with symbolic execution for Android

Android is one of the most widely used mobile operating system, and it is subjected to various vulnerability issues. Some of them are confused deputy attack and collusion attack, where malicious applications make use of privilege escalation by colluding permissions. Symbolic execution is proposed to...

Full description

Saved in:
Bibliographic Details
Main Author: Zhuo, Mingde
Other Authors: Liu Yang
Format: Final Year Project
Language:English
Published: 2015
Subjects:
Online Access:http://hdl.handle.net/10356/62709
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Nanyang Technological University
Language: English
id sg-ntu-dr.10356-62709
record_format dspace
spelling sg-ntu-dr.10356-627092023-03-03T20:24:29Z Analyze sensitive information transmission with symbolic execution for Android Zhuo, Mingde Liu Yang School of Computer Engineering Parallel and Distributed Computing Centre DRNTU::Engineering::Electrical and electronic engineering Android is one of the most widely used mobile operating system, and it is subjected to various vulnerability issues. Some of them are confused deputy attack and collusion attack, where malicious applications make use of privilege escalation by colluding permissions. Symbolic execution is proposed to analyze the transmission of sensitive information such as contacts or even payment details stored in the phone. By keeping track of the execution path of an application, we may be able to detect the pattern of such attacks. The work of this project provides some groundwork for future patches to work on, upon the completion of this project, the listener is able to symbolically execute Java programs that have primitive data types, the output is shown in readable XML format. In future there should be ways to incorporate current findings into Android environment in order to analyze applications, factors like the new 5.0 version of Android should also be considered. Bachelor of Engineering (Computer Science) 2015-04-27T09:03:36Z 2015-04-27T09:03:36Z 2015 2015 Final Year Project (FYP) http://hdl.handle.net/10356/62709 en Nanyang Technological University 50 p. application/pdf
institution Nanyang Technological University
building NTU Library
continent Asia
country Singapore
Singapore
content_provider NTU Library
collection DR-NTU
language English
topic DRNTU::Engineering::Electrical and electronic engineering
spellingShingle DRNTU::Engineering::Electrical and electronic engineering
Zhuo, Mingde
Analyze sensitive information transmission with symbolic execution for Android
description Android is one of the most widely used mobile operating system, and it is subjected to various vulnerability issues. Some of them are confused deputy attack and collusion attack, where malicious applications make use of privilege escalation by colluding permissions. Symbolic execution is proposed to analyze the transmission of sensitive information such as contacts or even payment details stored in the phone. By keeping track of the execution path of an application, we may be able to detect the pattern of such attacks. The work of this project provides some groundwork for future patches to work on, upon the completion of this project, the listener is able to symbolically execute Java programs that have primitive data types, the output is shown in readable XML format. In future there should be ways to incorporate current findings into Android environment in order to analyze applications, factors like the new 5.0 version of Android should also be considered.
author2 Liu Yang
author_facet Liu Yang
Zhuo, Mingde
format Final Year Project
author Zhuo, Mingde
author_sort Zhuo, Mingde
title Analyze sensitive information transmission with symbolic execution for Android
title_short Analyze sensitive information transmission with symbolic execution for Android
title_full Analyze sensitive information transmission with symbolic execution for Android
title_fullStr Analyze sensitive information transmission with symbolic execution for Android
title_full_unstemmed Analyze sensitive information transmission with symbolic execution for Android
title_sort analyze sensitive information transmission with symbolic execution for android
publishDate 2015
url http://hdl.handle.net/10356/62709
_version_ 1759854535133626368