Identifying Android Inter-app Communication Vulnerabilities Using Static and Dynamic Analysis

@article{Demissie2016IdentifyingAI,
  title={Identifying Android Inter-app Communication Vulnerabilities Using Static and Dynamic Analysis},
  author={Biniam Fisseha Demissie and Davide Ghio and Mariano Ceccato and Andrea Avancini},
  journal={2016 IEEE/ACM International Conference on Mobile Software Engineering and Systems (MOBILESoft)},
  year={2016},
  pages={255-266}
}
The Android platform is designed to facilitate inter-app integration and communication, so that apps can reuse functionalities implemented by other apps by resorting to delegation. Though this feature is usually mentioned to be the main reason for the popularity of Android, it also poses security risks to the end user. Malicious unprivileged apps can exploit the delegation model to access privileged tasks that are exposed by vulnerable apps. In this paper, we present a particularly dangerous… CONTINUE READING