|
|
|
|
towards a formal approach for detection of vulnerabilities in the android permissions system
|
|
|
|
|
|
|
|
نویسنده
|
sayyadabdi amirhosein ,tork ladani behrouz ,zamani bahman
|
|
منبع
|
the isc international journal of information security - 2022 - دوره : 14 - شماره : 3 - صفحه:61 -69
|
|
چکیده
|
Android is a widely used operating system that employs a permission-based access control model. the android permissions system (aps) is responsible for mediating application resource requests. aps is a critical component of the android security mechanism; hence, a failure in the design of aps can potentially lead to vulnerabilities that grant unauthorized access to resources by malicious applications. in this paper, we present a formal approach for modeling and verifying the security properties of aps. we demonstrate the usability of the proposed approach by showcasing the detection of a well-knownvulnerability found in android’s custom permissions.
|
|
کلیدواژه
|
android security ,formal methods ,verification
|
|
آدرس
|
university of isfahan, faculty of computer engineering, department of software engineering, iran, university of isfahan, faculty of computer engineering, department of software engineering, iran, university of isfahan, mdse research group, department of software engineering, iran
|
|
پست الکترونیکی
|
zamani@eng.ui.ac.ir
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Authors
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|