Design and Verification of New Defense Model for Android Mobile Phone Access Vulnerability

doi:10.3969/j.issn.1006-2475.2017.09.011

Abstract

Abstract: Today, smart phone security issues more and more arouse people’s attention. Trojan, as a highly hidden and deceptive attack means, has continuously spreading on the platform, although has been widespread concern, but there is no good way to suppress. The right to mention the loopholes for the Android system security threats is enormous. Once the attacker has the opportunity to leak through the kernel memory address of the kernel, he can close the kernel memory write protection to write the kernel memory to execute malicious commands permissions, and ultimately achieve the purpose of downloading Trojans. In order to deal with this vulnerability, we first analyze SEAndroid mechanism, and propose a kernel vulnerability prevention module combining kernel enhancement and packet filtering. Based on this mechanism, we verify the validity of the proposed prevention module.

Key words: Android system, mobile phone Trojans, elevate permissions loophole, mobile phone firewall

CLC Number:

TN918

XIAO Cheng-wang, LU Jun, YU Li-geng. Design and Verification of New Defense Model for Android Mobile Phone Access Vulnerability[J]. Computer and Modernization, doi: 10.3969/j.issn.1006-2475.2017.09.011.

References

［1］吴玮斌,孟魁,徐林，等. 基于Android平台的手机木马的设计与实现［J］. 计算机技术与发展, 2014(10):155-158.
［2］王有禄. Android系统的智能手机木马攻防机制的分析［D］. 广州:广东工业大学, 2013.
［3］ Reina A, Fattori A, Cavallaro L. A system call-centric analysis and stimulation technique to automatically reconstruct Android malware behaviors［C］// The 6th European Workssuop on System Secarity. 2013:1-6.
［4］ Comparetti P M, Salvaneschi G, Kirda E, et al. Identifying dormant functionality in malware programs［C］// Proceedings of the 2010 IEEE Symposium on Security and Privacy. 2010:61-76.
［5］ Chin E, Felt A P, Greenwood K, et al. Analyzing inter-application communication in Android［C］// Proceedings of the 9th International Conference on Mobile Systems, Applications, and Services. 2011:239-252.
［6］姚培娟,张志利,杨友红. Android智能手机安全机制解析［J］. 软件导刊, 2015(5):15-17.
［7］佟得天. 基于行为分析的Android手机木马检测技术研究［D］. 广州:中山大学, 2012.
［8］杨晶,金伟信,吴作顺. 基于Android系统的权限管理优化方案研究［J］. 电子质量, 2015(3):4-8.
［9］孙润康,展娴,邵玉如,等. Android手机安全检测与取证分析系统［J］. 信息网络安全, 2013(3):71-74.
［10］徐尉,吴敬征. Android权限滥用检测系统［J］. 计算机系统应用, 2016,25(10):39-46.
［11］ Enck W, Octeau D, McDaniel P, et al. A study of Android application security［C］// Proceedings of the 20th USENIX Conference on Security. 2011:21-44.
［12］陈宏伟,熊焰,黄文超,等. 基于关联分析的Android权限滥用攻击检测系统［J］. 计算机系统应用, 2016,25(4):36-42.
［13］张苏颖. 基于Android系统的手机防火墙的设计及实现研究［J］. 信息与电脑(理论版), 2012(12):41-42.
［14］卜哲,徐子先. 基于Android系统的智能终端软件行为分析方法［J］. 信息网络安全, 2012(3):32-34.
［15］南秦博,慕德俊,侯艳艳. 基于Android平台的手机防盗安全软件设计与实现［J］. 现代电子技术, 2015(4):46-49.
［16］张涛,裴蓓,文伟平,等. 一种安卓平台下提权攻击检测系统的设计与实现［J］. 信息网络安全, 2016(2):15-21.
［17］王聪,张仁斌,李钢. Android系统权限提升攻击检测技术［J］. 传感器与微系统, 2017,36(1):146-148.

[1]	WANG Zhi-hua, KONG Jian-shou, GAO Yuan. Development of Mobile Visible Monitoring and Control System for Intelligent Substation [J]. Computer and Modernization, 2017, 0(5): 56-596,66.
[2]	JIANG Jian-hua, ZHANG Guang-yun. A Meteorological Service System Based on Android Mobile Terminal [J]. Computer and Modernization, 2015, 0(10): 69-72.
[3]	DI San-yun, SONG Li-hong, ZHANG Kai. A Mobile Phone Sign-in System Based on Android [J]. Computer and Modernization, 2014, 0(7): 104-108.