Artificial intelligent-based security testing of mobile application
Communication between the Android application is possible by using intent messages. An application could send intent messages to another application or receive intent messages from another application. Exploitation of an app is possible by an intent message. One of the vulnerabilities that an app...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Final Year Project |
| Language: | English |
| Published: |
2018
|
| Subjects: | |
| Online Access: | http://hdl.handle.net/10356/76177 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-76177 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-761772023-03-03T20:48:24Z Artificial intelligent-based security testing of mobile application Allagu Revathi Subramanian Shar Lwin Khin School of Computer Science and Engineering DRNTU::Engineering::Computer science and engineering Communication between the Android application is possible by using intent messages. An application could send intent messages to another application or receive intent messages from another application. Exploitation of an app is possible by an intent message. One of the vulnerabilities that an app can face is privilege escalation. An application that receives intents has a higher possibility of facing privilege escalation vulnerability. There are a few tools that help to detect vulnerabilities, but each tool has its flaws. In this research, a further study was made to understand about intent messages and how privilege escalation happens. With that understanding, an automated tool was created using a genetic algorithm to detect and maximise the privilege escalation attack. The tool would give a developer a deeper understanding of component encapsulation and about implicit and explicit intents. Moreover, the tool can show how the app behaviours to various incoming intents and detect potential escalation by determining which component have access to the permission API of the app. Bachelor of Engineering (Computer Science) 2018-11-22T13:56:48Z 2018-11-22T13:56:48Z 2018 Final Year Project (FYP) http://hdl.handle.net/10356/76177 en Nanyang Technological University 63 p. application/pdf |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
NTU Library |
| collection |
DR-NTU |
| language |
English |
| topic |
DRNTU::Engineering::Computer science and engineering |
| spellingShingle |
DRNTU::Engineering::Computer science and engineering Allagu Revathi Subramanian Artificial intelligent-based security testing of mobile application |
| description |
Communication between the Android application is possible by using intent messages. An application could send intent messages to another application or receive intent messages from another application. Exploitation of an app is possible by an intent message.
One of the vulnerabilities that an app can face is privilege escalation. An application that receives intents has a higher possibility of facing privilege escalation vulnerability. There are a few tools that help to detect vulnerabilities, but each tool has its flaws.
In this research, a further study was made to understand about intent messages and how privilege escalation happens. With that understanding, an automated tool was created using a genetic algorithm to detect and maximise the privilege escalation attack.
The tool would give a developer a deeper understanding of component encapsulation and about implicit and explicit intents. Moreover, the tool can show how the app behaviours to various incoming intents and detect potential escalation by determining which component have access to the permission API of the app. |
| author2 |
Shar Lwin Khin |
| author_facet |
Shar Lwin Khin Allagu Revathi Subramanian |
| format |
Final Year Project |
| author |
Allagu Revathi Subramanian |
| author_sort |
Allagu Revathi Subramanian |
| title |
Artificial intelligent-based security testing of mobile application |
| title_short |
Artificial intelligent-based security testing of mobile application |
| title_full |
Artificial intelligent-based security testing of mobile application |
| title_fullStr |
Artificial intelligent-based security testing of mobile application |
| title_full_unstemmed |
Artificial intelligent-based security testing of mobile application |
| title_sort |
artificial intelligent-based security testing of mobile application |
| publishDate |
2018 |
| url |
http://hdl.handle.net/10356/76177 |
| _version_ |
1759857796526899200 |