Loading [MathJax]/extensions/tex2jax.js

An empirical study of the robustness of Inter-component Communication in Android

Publikation: Beitrag in Buch/Bericht/Sammelwerk/KonferenzbandAufsatz in KonferenzbandForschungPeer-Review

Autorschaft

Externe Organisationen

  • Purdue University
  • IBM Austin Research Laboratory

Details

OriginalspracheEnglisch
Titel des Sammelwerks2012 42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2012
Seiten1-12
Seitenumfang12
PublikationsstatusVeröffentlicht - 2012
Extern publiziertJa
Veranstaltung42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2012 - , USA / Vereinigte Staaten
Dauer: 25 Juni 201228 Juni 2012

Abstract

Over the last three years, Android has established itself as the largest-selling operating system for smartphones. It boasts of a Linux-based robust kernel, a modular framework with multiple components in each application, and a security-conscious design where each application is isolated in its own virtual machine. However, all of these desirable properties would be rendered ineffectual if an application were to deliver erroneous messages to targeted applications and thus cause the target to behave incorrectly. In this paper, we present an empirical evaluation of the robustness of Inter-component Communication (ICC) in Android through fuzz testing methodology, whereby, parameters of the inter-component communication are changed to various incorrect values. We show that not only exception handling is a rarity in Android applications, but also it is possible to crash the Android runtime from unprivileged user processes. Based on our observations, we highlight some of the critical design issues in Android ICC and suggest solutions to alleviate these problems.

Zitieren

An empirical study of the robustness of Inter-component Communication in Android. / Maji, Amiya K.; Arshad, Fahad A.; Bagchi, Saurabh et al.
2012 42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2012. 2012. S. 1-12.

Publikation: Beitrag in Buch/Bericht/Sammelwerk/KonferenzbandAufsatz in KonferenzbandForschungPeer-Review

Maji, AK, Arshad, FA, Bagchi, S & Rellermeyer, J 2012, An empirical study of the robustness of Inter-component Communication in Android. in 2012 42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2012. S. 1-12, 42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2012, USA / Vereinigte Staaten, 25 Juni 2012. https://doi.org/10.1109/DSN.2012.6263963
Maji, A. K., Arshad, F. A., Bagchi, S., & Rellermeyer, J. (2012). An empirical study of the robustness of Inter-component Communication in Android. In 2012 42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2012 (S. 1-12) https://doi.org/10.1109/DSN.2012.6263963
Maji AK, Arshad FA, Bagchi S, Rellermeyer J. An empirical study of the robustness of Inter-component Communication in Android. in 2012 42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2012. 2012. S. 1-12 doi: 10.1109/DSN.2012.6263963
Maji, Amiya K. ; Arshad, Fahad A. ; Bagchi, Saurabh et al. / An empirical study of the robustness of Inter-component Communication in Android. 2012 42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2012. 2012. S. 1-12
Download
@inproceedings{505dbf30f0ec436fa3af16d7028a68eb,
title = "An empirical study of the robustness of Inter-component Communication in Android",
abstract = "Over the last three years, Android has established itself as the largest-selling operating system for smartphones. It boasts of a Linux-based robust kernel, a modular framework with multiple components in each application, and a security-conscious design where each application is isolated in its own virtual machine. However, all of these desirable properties would be rendered ineffectual if an application were to deliver erroneous messages to targeted applications and thus cause the target to behave incorrectly. In this paper, we present an empirical evaluation of the robustness of Inter-component Communication (ICC) in Android through fuzz testing methodology, whereby, parameters of the inter-component communication are changed to various incorrect values. We show that not only exception handling is a rarity in Android applications, but also it is possible to crash the Android runtime from unprivileged user processes. Based on our observations, we highlight some of the critical design issues in Android ICC and suggest solutions to alleviate these problems.",
keywords = "android, exception, fuzz, robustness, security, smartphone",
author = "Maji, {Amiya K.} and Arshad, {Fahad A.} and Saurabh Bagchi and Jan Rellermeyer",
year = "2012",
doi = "10.1109/DSN.2012.6263963",
language = "English",
isbn = "9781467316248",
pages = "1--12",
booktitle = "2012 42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2012",
note = "42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2012 ; Conference date: 25-06-2012 Through 28-06-2012",

}

Download

TY - GEN

T1 - An empirical study of the robustness of Inter-component Communication in Android

AU - Maji, Amiya K.

AU - Arshad, Fahad A.

AU - Bagchi, Saurabh

AU - Rellermeyer, Jan

PY - 2012

Y1 - 2012

N2 - Over the last three years, Android has established itself as the largest-selling operating system for smartphones. It boasts of a Linux-based robust kernel, a modular framework with multiple components in each application, and a security-conscious design where each application is isolated in its own virtual machine. However, all of these desirable properties would be rendered ineffectual if an application were to deliver erroneous messages to targeted applications and thus cause the target to behave incorrectly. In this paper, we present an empirical evaluation of the robustness of Inter-component Communication (ICC) in Android through fuzz testing methodology, whereby, parameters of the inter-component communication are changed to various incorrect values. We show that not only exception handling is a rarity in Android applications, but also it is possible to crash the Android runtime from unprivileged user processes. Based on our observations, we highlight some of the critical design issues in Android ICC and suggest solutions to alleviate these problems.

AB - Over the last three years, Android has established itself as the largest-selling operating system for smartphones. It boasts of a Linux-based robust kernel, a modular framework with multiple components in each application, and a security-conscious design where each application is isolated in its own virtual machine. However, all of these desirable properties would be rendered ineffectual if an application were to deliver erroneous messages to targeted applications and thus cause the target to behave incorrectly. In this paper, we present an empirical evaluation of the robustness of Inter-component Communication (ICC) in Android through fuzz testing methodology, whereby, parameters of the inter-component communication are changed to various incorrect values. We show that not only exception handling is a rarity in Android applications, but also it is possible to crash the Android runtime from unprivileged user processes. Based on our observations, we highlight some of the critical design issues in Android ICC and suggest solutions to alleviate these problems.

KW - android

KW - exception

KW - fuzz

KW - robustness

KW - security

KW - smartphone

U2 - 10.1109/DSN.2012.6263963

DO - 10.1109/DSN.2012.6263963

M3 - Conference contribution

SN - 9781467316248

SP - 1

EP - 12

BT - 2012 42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2012

T2 - 42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2012

Y2 - 25 June 2012 through 28 June 2012

ER -

Von denselben Autoren