中国科学院软件研究所机构知识库
Advanced  
ISCAS OpenIR  > 软件所图书馆  > 期刊论文
Title:
Direct Resource Hijacking in Android
Author: Gu, YC ; Li, Q ; Zhang, HT ; Su, PR ; Zhang, XW ; Feng, DG
Source: IEEE INTERNET COMPUTING
Issued Date: 2016
Volume: 20, Issue:5, Pages:46-56
Indexed Type: SCI
Department: Chinese Acad Sci, Inst Software, Beijing 100864, Peoples R China. Tsinghua Univ, Grad Sch Shenzhen, Shenzhen, Peoples R China. Indiana Univ, Sch Informat & Comp, Bloomington, IN 47405 USA. Samsung Res Amer, Mountain View, CA USA.
Abstract: In this article, the authors discuss a new attack called a direct resource hijacking attack (or resource hijacking attack), which directly hijacks exported components or permissions on components owned by benign applications. To tackle this vulnerability, they propose a fine-grained resource access control framework in Android and introduce a certificate-augmented resource naming mechanism. With this method, malicious apps can't hijack a victim app's permissions to steal its private data in the victim app, or hijack a victim app's components to retrieve data that's delivered to the victim app.
English Abstract: In this article, the authors discuss a new attack called a direct resource hijacking attack (or resource hijacking attack), which directly hijacks exported components or permissions on components owned by benign applications. To tackle this vulnerability, they propose a fine-grained resource access control framework in Android and introduce a certificate-augmented resource naming mechanism. With this method, malicious apps can't hijack a victim app's permissions to steal its private data in the victim app, or hijack a victim app's components to retrieve data that's delivered to the victim app.
Language: 英语
WOS ID: WOS:000387067100007
Citation statistics:
Content Type: 期刊论文
URI: http://ir.iscas.ac.cn/handle/311060/17307
Appears in Collections:软件所图书馆_期刊论文

Files in This Item:

There are no files associated with this item.


Recommended Citation:
Gu, YC,Li, Q,Zhang, HT,et al. Direct Resource Hijacking in Android[J]. IEEE INTERNET COMPUTING,2016-01-01,20(5):46-56.
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[Gu, YC]'s Articles
[Li, Q]'s Articles
[Zhang, HT]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[Gu, YC]‘s Articles
[Li, Q]‘s Articles
[Zhang, HT]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2019  中国科学院软件研究所 - Feedback
Powered by CSpace