UNCOVERING AND MITIGATING UNSAFE PROGRAM INTEGRATIONS IN ANDROID

Author

Xiao Zhang, Syracuse University

Date of Award

May 2016

Degree Type

Dissertation

Degree Name

Doctor of Philosophy (PhD)

Department

Electrical Engineering and Computer Science

Advisor(s)

wenliang Du

Keywords

AFrame, Android Clipboard, Android Security, Data Residue Vulnerability, Program Integration

Subject Categories

Engineering

Abstract

Android’s design philosophy encourages the integration of resources and functionalities from multiple parties, even with different levels of trust. Such program integrations, on one hand, connect every party in the Android ecosystem tightly on one single device. On the other hand, they can also pose severe security problems, if the security design of the underlying integration schemes is not well thought-out. This dissertation systematically evaluates the security design of three integration schemes on Android, including framework module, framework proxy and 3rd-party code embedding. With the security risks identified in each scheme, it concludes that program integrations on Android are unsafe. Furthermore, new frameworks have been designed and implemented to detect and mitigate the threats. The evaluation results on the prototypes have demonstrated their effectiveness.

Access

Open Access

Recommended Citation

Zhang, Xiao, "UNCOVERING AND MITIGATING UNSAFE PROGRAM INTEGRATIONS IN ANDROID" (2016). Dissertations - ALL. 465.
https://surface.syr.edu/etd/465