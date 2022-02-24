Schließen

  • In this work we propose PIAnalyzer, a novel approach to analyze PendingIntent related vulnerabilities. We empirically evaluate PIAnalyzer on a set of 1000 randomly selected applications from the Google Play Store and find 1358 insecure usages of Pendinglntents, including 70 severe vulnerabilities. We manually inspected ten reported vulnerabilities out of which nine correctly reported vulnerabilities, indicating a high precision. The evaluation shows that PIAnalyzer is efficient with an average execution time of 13 seconds per application.

Author details:Sascha GrossORCiDGND, Abhishek TiwariORCiD, Christian HammerORCiD
Title of parent work (English):Computer Security(ESORICS 2018), PT II
Subtitle (English):a precise approach for pendingIntent vulnerability analysis
Tag:Android; Information flow control; Intent analysis; Static analysis
