| Direct Resource Hijacking in Android |
| Gu, YC; Li, Q; Zhang, HT; Su, PR; Zhang, XW; Feng, DG
|
| 2016
|
| 发表期刊 | IEEE INTERNET COMPUTING
 |
| ISSN | 1089-7801
|
| 卷号 | 20期号:5页码:46-56 |
| 摘要 | In this article, the authors discuss a new attack called a direct resource hijacking attack (or resource hijacking attack), which directly hijacks exported components or permissions on components owned by benign applications. To tackle this vulnerability, they propose a fine-grained resource access control framework in Android and introduce a certificate-augmented resource naming mechanism. With this method, malicious apps can't hijack a victim app's permissions to steal its private data in the victim app, or hijack a victim app's components to retrieve data that's delivered to the victim app.; In this article, the authors discuss a new attack called a direct resource hijacking attack (or resource hijacking attack), which directly hijacks exported components or permissions on components owned by benign applications. To tackle this vulnerability, they propose a fine-grained resource access control framework in Android and introduce a certificate-augmented resource naming mechanism. With this method, malicious apps can't hijack a victim app's permissions to steal its private data in the victim app, or hijack a victim app's components to retrieve data that's delivered to the victim app. |
| 收录类别 | SCI
|
| 部门归属 | Chinese Acad Sci, Inst Software, Beijing 100864, Peoples R China. Tsinghua Univ, Grad Sch Shenzhen, Shenzhen, Peoples R China. Indiana Univ, Sch Informat & Comp, Bloomington, IN 47405 USA. Samsung Res Amer, Mountain View, CA USA.
|
| 语种 | 英语
|
| WOS记录号 | WOS:000387067100007
|
| 引用统计 |
|
| 内容类型 | 期刊论文
|
| URI标识 | http://ir.iscas.ac.cn/handle/311060/17307
|
| 专题 | 中国科学院软件研究所
|
推荐引用方式
GB/T 7714 |
Gu, YC,Li, Q,Zhang, HT,et al. Direct Resource Hijacking in Android[J]. IEEE INTERNET COMPUTING,2016,20(5):46-56.
|
| APA |
Gu, YC,Li, Q,Zhang, HT,Su, PR,Zhang, XW,&Feng, DG.(2016).Direct Resource Hijacking in Android.IEEE INTERNET COMPUTING,20(5),46-56.
|
| MLA |
Gu, YC,et al."Direct Resource Hijacking in Android".IEEE INTERNET COMPUTING 20.5(2016):46-56.
|
修改评论