Submit

Login Login

Register Register

Home / Journals / IASC / Online First / doi:10.32604/iasc.2024.047509
Journal Menu
Special lssues
Table of Content

All issues

Online First

2024

2023

2022

2021

2020

2019

2018

Past Issues

Open Access

ARTICLE

BArcherFuzzer: An Android System Services Fuzzier via Transaction Dependencies of BpBinder

Jiawei Qin1,2, Hua Zhang1,*, Hanbing Yan2, Tian Zhu2, Song Hu1, Dingyu Yan2
1 The State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing, 100080, China
2 The National Computer Network Emergency Response Technical Team/Coordination Center of China, Beijing, 100012, China
* Corresponding Author: Hua Zhang. Email: email
(This article belongs to the Special Issue: AI Powered Human-centric Computing with Cloud/Fog/Edge)

Intelligent Automation & Soft Computing https://doi.org/10.32604/iasc.2024.047509

Received 07 November 2023; Accepted 14 March 2024; Published online 25 April 2024

Abstract

By the analysis of vulnerabilities of Android native system services, we find that some vulnerabilities are caused by inconsistent data transmission and inconsistent data processing logic between client and server. The existing research cannot find the above two types of vulnerabilities and the test cases of them face the problem of low coverage. In this paper, we propose an extraction method of test cases based on the native system services of the client and design a case construction method that supports multi-parameter mutation based on genetic algorithm and priority strategy. Based on the above method, we implement a detection tool-BArcherFuzzer to detect vulnerabilities of Android native system services. The experiment results show that BArcherFuzzer found four vulnerabilities of hundreds of exception messages, all of them were confirmed by Google and one was assigned a Common Vulnerabilities and Exposures (CVE) number (CVE-2020-0363).

Keywords

Android OS; vulnerability detection; binder; fuzz testing; genetic algorithm

  • 63

    View

  • 11

    Download

  • 0

    Like

Related articles
Copyright© 2024 Tech Science Press
© 1997-2024 TSP (Henderson, USA) unless otherwise stated

Share Link