Analyzing inter-application communication in Android
"Analyzing inter-application communi..." refers background in this paper
...Kirin [13] approaches third-party application security from the opposite perspective of our tool....
[...]
"Analyzing inter-application communi..." refers background in this paper
...Broadcast Receivers have the ability to set their priority level for receiving ordered broadcasts....
[...]
...(Broadcast Receivers can be declared in the manifest or at runtime.)...
[...]
...Sticky broadcasts remain accessible after they have been delivered and are re-broadcast to future Receivers....
[...]
...Receivers are triggered by the receipt of an appropriate Intent and then run in the background to handle the event....
[...]
...Broadcast Receivers can specify a priority level (as an attribute of its Intent filter) to indicate to the operating system how well-suited the component is to handle an Intent....
[...]
Frequently Asked Questions (11)
Q2. What type of analysis does ComDroid perform?
ComDroid specifically performs flow-sensitive, intraprocedural static analysis, augmented with limited interprocedural analysis that follows method invocations to a depth of one method call.
Q3. How can a component's exposure be limited to a set of trusted applications?
Requiring Signature or SignatureOrSystem permissions is an effective way of limiting a component’s exposure to a set of trusted applications.
Q4. Why do the authors treat Activities and their aliases as separate components?
The authors treat Activities and their aliases as separate components for the purpose of their analysis because an alias’s fields can increase the exposure surface of the component.
Q5. How can a receiver be dynamically created and registered?
Receivers can also be dynamically created and registered by calling registerReceiver(BroadcastReceiver receiver, IntentFilter filter).
Q6. What is the role of the Broadcast Intent in application exposure?
Their results indicate that Broadcast- and Activity-related Intents (both sending to and receiving from) play a large role in application exposure.
Q7. How does Android determine which Intents should be delivered to an exported component?
Android determines which Intents should be delivered to an exported component by matching each Intent’s fields to the component’s declaration.
Q8. What is the reason why iOS developers are unlikely to accidentally expose functionality?
iOS developers are unlikely to accidentally expose functionality because schemes are only used for public interfaces; different types of messages are used for internal communication.
Q9. What are the common bugs that are not also vulnerabilities?
Of the 181 warnings, the authors discovered 20 definite vulnerabilities, 14 spoofing vulnerabilities, and 16 common, unintentional bugs (that are not also vulnerabilities).
Q10. What is the way to make a component more secure?
To make components more secure, developers should avoid exporting components unless the component is specifically designed to handle requests from other applications.
Q11. How does a developer send an explicit Intent?
A developer sends an explicit Intent by specifying a recipient component name; the Intent is then delivered to the component with that name.
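The answers above on exported components, Activity aliases and Signature-level permissions can be checked against a manifest. The following is an added example, not ComDroid's code or code from the paper: it audits a constructed manifest with hypothetical component and permission names, and assumes the legacy default in which a component that declares an Intent filter without android:exported is treated as exported.

```python
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"  # android: attribute namespace
COMPONENTS = ("activity", "activity-alias", "service", "receiver")
SIGNATURE_LEVELS = {"signature", "signatureOrSystem"}
# Constructed sample manifest (hypothetical component and permission names).
MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android">
  <permission android:name="com.example.demo.SIG" android:protectionLevel="signature"/>
  <permission android:name="com.example.demo.NORMAL" android:protectionLevel="normal"/>
  <application>
    <activity android:name=".Main">
      <intent-filter><action android:name="android.intent.action.MAIN"/></intent-filter>
    </activity>
    <activity android:name=".Settings"/>
    <activity-alias android:name=".SettingsAlias" android:targetActivity=".Settings">
      <intent-filter><action android:name="com.example.demo.OPEN"/></intent-filter>
    </activity-alias>
    <receiver android:name=".SyncReceiver" android:permission="com.example.demo.SIG">
      <intent-filter><action android:name="com.example.demo.SYNC"/></intent-filter>
    </receiver>
    <service android:name=".Worker" android:exported="true"
        android:permission="com.example.demo.NORMAL"/>
  </application>
</manifest>"""

def audit(manifest_xml):
    """Map each component name to 'private', 'restricted' or 'exposed'."""
    root = ET.fromstring(manifest_xml)
    # Protection level of every permission this manifest declares itself.
    levels = {p.get(A + "name"): p.get(A + "protectionLevel", "normal").split("|")[0]
              for p in root.iter("permission")}
    app, result = root.find("application"), {}
    for comp in (c for c in app if c.tag in COMPONENTS):
        exported = comp.get(A + "exported")
        if exported is None:
            # Assumed legacy default: an Intent filter implies exported.
            exported = "true" if comp.find("intent-filter") is not None else "false"
        perm = comp.get(A + "permission") or app.get(A + "permission")
        if exported != "true":
            verdict = "private"
        elif levels.get(perm) in SIGNATURE_LEVELS:
            verdict = "restricted"
        else:
            verdict = "exposed"  # no permission, or one any app could obtain
        result[comp.get(A + "name")] = verdict
    return result

if __name__ == "__main__":
    print(audit(MANIFEST))
```

The alias is reported separately from its target: `.Settings` is private, but `.SettingsAlias` carries its own Intent filter and so is exposed.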