PROJECT TITLE :
VulHunter: Toward Discovering Vulnerabilities in Android Applications
With the prosperity of the Android app economy, many apps have been published and sold in various markets. However, short development cycles and insufficient security development pointers have led to many vulnerable apps. Although some systems are developed for automatically discovering specific vulnerabilities in apps, their effectiveness and efficiency are typically restricted because of the exponential growth of ways to examine and simplified assumptions. In this article, the authors propose a brand new static-analysis framework for facilitating security analysts to detect vulnerable apps from 3 aspects. 1st, they propose an app property graph (APG), a replacement knowledge structure containing detailed and precise data from apps. Second, by modeling app-related vulnerabilities as graph traversals, the authors conduct graph traversals over APGs to spot vulnerable apps for easing the identification method. Third, they reduce the workload of manual verification by removing infeasible methods and generating attack inputs whenever attainable. They need implemented the framework in a system named VulHunter with nine,a hundred forty five lines of Java code and modeled five types of vulnerabilities. Checking 557 popular apps that are randomly collected from Google Play and have at least 1 million installations, the authors found that 375 apps (sixty seven.3 %) have at least one vulnerability.
Did you like this research project?
To get this research project Guidelines, Training and Code... Click Here