中国科学院软件研究所机构知识库
Advanced  
ISCAS OpenIR  > 软件所图书馆  > 会议论文
Title:
Vulnerability Detection of Android System in Fuzzing Cloud
Author: Wu, Jingzheng ; Wu, Yanjun ; Yang, Mutian ; Wu, Zhifei ; Wang, Yongji
Conference Name: IEEE 6th International Conference on Cloud Computing (CLOUD)
Conference Date: JUN 27-JUL 03, 2013
Issued Date: 2013
Conference Place: Santa Clara, CA
Keyword: Android ; Fuzzing ; Cloud Computing ; Vulnerability Detection ; Security Detection
Publish Place: IEEE
Indexed Type: CPCI
ISSN: 2159-6182
ISBN: 978-0-7695-5028-2
Department: [Wu, Jingzheng; Wu, Yanjun; Yang, Mutian; Wu, Zhifei] Chinese Acad Sci, Inst Software, Beijing 100864, Peoples R China.
Abstract: The rapid growth of Android system has encountered enormous security challenges. The vulnerabilities caused by the limited security models, coarse permission system and code flaws lead to private information leakage, deny of service, potential costs, etc. To detect these vulnerabilities, some analysis and security testing methods have been presented. However, most of these methods focus on certain aspects, for example, applications, permission, or capability leakage. In this paper, we propose a new detection paradigm named Fuzzing Cloud to detect vulnerabilities in Android system. Firstly, the architecture of fuzzing cloud is introduced, and the fuzzing nodes are investigated. Then, each layer of the Android system is decomposed into separated modules, and the fuzzing test cases are created with the endless capacity of processing power and storage in fuzzing cloud. Finally, the prototype of fuzzing cloud has been implemented, and some separated modules have been tested. The experiment results show that some vulnerabilities can be detected by the fuzzing cloud. It is also believed that after small extension, fuzzing cloud can detect vulnerabilities in other systems.
English Abstract: The rapid growth of Android system has encountered enormous security challenges. The vulnerabilities caused by the limited security models, coarse permission system and code flaws lead to private information leakage, deny of service, potential costs, etc. To detect these vulnerabilities, some analysis and security testing methods have been presented. However, most of these methods focus on certain aspects, for example, applications, permission, or capability leakage. In this paper, we propose a new detection paradigm named Fuzzing Cloud to detect vulnerabilities in Android system. Firstly, the architecture of fuzzing cloud is introduced, and the fuzzing nodes are investigated. Then, each layer of the Android system is decomposed into separated modules, and the fuzzing test cases are created with the endless capacity of processing power and storage in fuzzing cloud. Finally, the prototype of fuzzing cloud has been implemented, and some separated modules have been tested. The experiment results show that some vulnerabilities can be detected by the fuzzing cloud. It is also believed that after small extension, fuzzing cloud can detect vulnerabilities in other systems.
Language: 英语
Content Type: 会议论文
URI: http://ir.iscas.ac.cn/handle/311060/16540
Appears in Collections:软件所图书馆_会议论文

Files in This Item:

There are no files associated with this item.


Recommended Citation:
Wu, Jingzheng,Wu, Yanjun,Yang, Mutian,et al. Vulnerability Detection of Android System in Fuzzing Cloud[C]. 见:IEEE 6th International Conference on Cloud Computing (CLOUD). Santa Clara, CA. JUN 27-JUL 03, 2013.
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[Wu, Jingzheng]'s Articles
[Wu, Yanjun]'s Articles
[Yang, Mutian]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[Wu, Jingzheng]‘s Articles
[Wu, Yanjun]‘s Articles
[Yang, Mutian]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2020  中国科学院软件研究所 - Feedback
Powered by CSpace