Internal report (Reports)
Automatically Exploiting Potential Component Leaks in Android Applications
Li, Li; Bartel, Alexandre; Klein, Jacques et al.
2014
 

Files


Full Text
tr-pcLeaks.pdf
Publisher postprint (942.53 kB)
Download

All documents in ORBilu are protected by a user license.

Send to



Details



Keywords :
Data-flow analysis; Potential Component leaks; PCLeaks
Abstract :
[en] We present PCLeaks, a tool based on inter- component communication (ICC) vulnerabilities to perform data-flow analysis on Android applications to find potential component leaks (e.g., another component can potentially exploit the leak). To evaluate our approach, we run PCLeaks on 2000 apps, randomly selected from Google Play store. PCLeaks reports 986 potential component leaks in 185 apps. For each leak reported by PCLeaks, PCLeaksValidator automatically generates an Android app which tries to exploit the leak. By manually running a subset of the generated apps, we find that 75% of the reported leaks are exploitable leaks.
Research center :
SnT
Disciplines :
Computer science
Author, co-author :
Li, Li ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Bartel, Alexandre ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Klein, Jacques ;  University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
Le Traon, Yves ;  University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
Language :
English
Title :
Automatically Exploiting Potential Component Leaks in Android Applications
Publication date :
04 June 2014
Publisher :
SnT, Luxembourg, Luxembourg
ISBN/EAN :
978-2-87971-133-1
Report number :
TR-SnT-2014-13
Number of pages :
10
Funders :
FNR - Fonds National de la Recherche [LU]
Commentary :
Technical Report
Available on ORBilu :
since 05 June 2014

Statistics


Number of views
355 (30 by Unilu)
Number of downloads
410 (10 by Unilu)

Bibliography


Similar publications



Contact ORBilu