VULHUNTER: Toward Discovering Vulnerabilities In Android Applications
With the prosperity of the Android app economy, many apps have been published and sold in various markets. However, short development cycles and insufficient security development guidelines have led to many vulnerable apps. Although some systems have been developed for automatically discovering specific vulnerabilities in apps, their effectiveness and efficiency are usually restricted because of the exponential growth of paths to examine and simplified assumptions. In this article, the authors propose a new static-analysis framework for facilitating security analysts to detect vulnerable apps from three aspects. First, they propose an app property graph (APG), a new data structure containing detailed and precise information from apps. Second, by modeling app-related vulnerabilities as graph traversals, the authors conduct graph traversals over APGs to identify vulnerable apps for easing the identification process. Third, they reduce the workload of manual verification by removing infeasible paths and generating attack inputs whenever possible. They have implemented the framework in a system named VulHunter with 9,145 lines of Java code and modeled five types of vulnerabilities. Checking 557 popular apps that are randomly collected from Google Play and have at least 1 million installations, the authors found that 375 apps (67.3 percent) have at least one vulnerability.
- Existing research on automatic vulnerability discovery for applications (“apps”) usually focuses on several specific types of vulnerabilities because of the undecidability of the generic problem of spotting program vulnerabilities.
- 1, For example, ComDroid aims at Intentrelated issues (that is, unauthorized Intent receipt and Intent spoofing).
- 2, SMV-Hunter detects SSL and Transport Layer Security (TLS) man-in-the-middle vulnerabilities.
- 3, ContentScope examines the vulnerabilities of an unprotected content provider.
- 4, AndroidLeaks uncovers potential private information leakage.
- 5, Woodpecker targets capability leak vulnerabilities.
- 6, CHEX discovers component hijacking vulnerabilities.
- 7, However, these systems’ effectiveness and efficiency are usually restricted in practice due to the exponential growth of paths to examine, simplified assumptions, and the limited number of vulnerability patterns.1,8 Moreover, it is not easy to extend these systems to capture new vulnerabilities, although they share some common,components (such as constructing control-flow graphs and dataflow graphs).
DISADVANTAGES OF EXISTING SYSTEM:
- It is not easy to extend these systems to capture new vulnerabilities, although they share some common, components (such as constructing control-flow graphs and dataflow graphs).
- They did not discover vulnerable apps, and it is not clear how SCA processes those apps.
- We propose a new static-analysis framework to facilitate vulnerability discovery for apps by extracting detailed and precise information from apps and easing the identification process.
- Moreover, the framework can reduce the manual-verification workload by performing slicing and filtering out infeasible paths. To our knowledge, existing approaches cannot achieve these goals simultaneously. Moreover, defining app property graphs (APGs) and employing graph databases can scale up the vulnerability discovery process.
- Researchers are exploring an alternative vulnerability-discovery approach of facilitating security analysts by providing detailed and precise information and expert knowledge. The work closest to our approach is the code property graph (CPG),1 which combines an abstract syntax tree (AST), control-flow graph (CFG), and program dependency graph (PDG) to represent C source codes and model common vulnerabilities as graph traversals. Therefore, finding potential vulnerabilities is turned into performing graph traversals over CPGs with much better performance in terms of accuracy and flexibility.
- Although we also model vulnerabilities as graph traversals and conduct graph traversals to find vulnerable apps, significant differences exist between the two approaches.
ADVANTAGES OF PROPOSED SYSTEM:
- Capturing vulnerabilities is made easy and also modeling vulnerabilities become easy as per graph traversals.
- It reduces false positives and optimizes queries according to vulnerabilities pattern.
- System : Pentium IV 2.4 GHz.
- Hard Disk : 40 GB.
- Floppy Drive : 44 Mb.
- Monitor : 15 VGA Colour.
- Mouse :
- Ram : 512 Mb.
- MOBILE : ANDROID
- Operating system : Windows 7.
- Coding Language : Java 1.7
- Tool Kit : Android 2.3 ABOVE
- IDE : Eclipse
Chenxiong Qian Xiapu Luo Yu Le, Hong Kong Polytechnic University, Guofei Gu Texas, A&M University, “VULHUNTER: TOWARD DISCOVERING VULNERABILITIES IN ANDROID APPLICATIONS”, IEEE Computer Society 2015.