Open AccessVulnerability Parser: A Static Vulnerability Analysis System for Android Applications
Author(s) -
Yingxian Chang,
Bin Liu,
Lianri Cong,
Dengxin Hua,
Jiaming Li,
Yuanzhe Chen
Publication year - 2019
Publication title -
journal of physics. conference series
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.21
H-Index - 85
eISSN - 1742-6596
pISSN - 1742-6588
DOI - 10.1088/1742-6596/1288/1/012053
Subject(s) - computer science , android (operating system) , parsing , vulnerability (computing) , vulnerability assessment , android application , xml , static analysis , architecture , computer security , extensibility , operating system , programming language , psychology , art , psychological resilience , visual arts , psychotherapist
In the case of user information leakage, the security problem of Android applications is of great importance. How to quickly and efficiently detect Android application security vulnerabilities has become an urgent research topic in security field. Aiming at the key technologies such as vulnerability detection in Android application, architecture is proposed for static analysis of android applications, namely the Vulnerability Parser . The architecture is composed of the following components, such as APK Decompressor, Manifest.xml Parser, Vulnerability Vector, and DexParser etc. Vulnerability Vector is extensible and detection rules can be configured for different vulnerabilities. The implementation of primary components is described in detail. Preliminary experimental results demonstrate its effectiveness.