Skip to main content
Conference Proceedings

Static taint analysis method for intent injection vulnerability in android applications

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2017) 10581 LNCS 16-31
DOI: 10.1007/978-3-319-69471-9_2
7Citations
Citations of this article
11Readers
Mendeley users who have this article in their library.
Get full text

Abstract

In the component communication of Android application, the risk that Intent can be constructed by attackers may result in malicious component injection. To solve this problem, we develop IntentSoot, a prototype for detecting Intent injection vulnerability in both public components and private components for Android applications based on static taint analysis. It first builds call graph and control flow graph of Android application, and then tracks the taint propagation within a component, between components and during the reflection call to detect the potential Intent injection vulnerability. Experimental results validate the effectiveness of IntentSoot in various kinds of applications.

Author supplied keywords

Cite

CITATION STYLE

APA

Xiong, B., Xiang, G., Du, T., He, J. S., & Ji, S. (2017). Static taint analysis method for intent injection vulnerability in android applications. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 10581 LNCS, pp. 16–31). Springer Verlag. https://doi.org/10.1007/978-3-319-69471-9_2

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free