CONFERENCE PROCEEDINGS
Advanced Search
Home > Proceedings > Volume 12250 > Article
Paper
19 May 2022 Research on android application security configuration rules based on fuzzing test
Zi Nan, Xiaojian Liu
Author Affiliations +
Proceedings Volume 12250, International Symposium on Computer Applications and Information Systems (ISCAIS 2022); 122500M (2022) https://doi.org/10.1117/12.2639565
Event: International Symposium on Computer Applications and Information Systems (ISCAIS2022), 2022, Shenzhen, China
Abstract
In the official Android documentation, although it has described various configuration elements in the configuration file, some descriptions do not give accurate semantic definitions, and some descriptions do not show accurate relationships between related configuration elements, namely At present, there are uncertainties and ambiguities in the description of natural language in the document, which will cause some differences in the understanding of developers, and may cause developers to improperly configure the App to produce some security vulnerabilities. Therefore, this article mainly adopts the fuzzing-based security configuration rules research framework (ARMG) based on reading official documents, that is, for the existence of some configuration files with fuzzy semantics, the Fuzzing test method of multi-dimensional strategy is used to construct test cases. Analyze the test results to further clarify the rule definitions of related configuration items, and then use MobSF to statically analyze the sample set, and observe the compliance of the samples and the effectiveness of the rules by parsing, outputting logs, and comparing them. The final rules are used by designers or developers to improve development efficiency and better avoid software security vulnerabilities.
© (2022) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Citation Download Citation
Zi Nan and Xiaojian Liu "Research on android application security configuration rules based on fuzzing test", Proc. SPIE 12250, International Symposium on Computer Applications and Information Systems (ISCAIS 2022), 122500M (19 May 2022); https://doi.org/10.1117/12.2639565
ACCESS THE FULL ARTICLE
ORGANIZATIONAL
Sign in with credentials provided by your organization.
INSTITUTIONAL
Select your institution to access the SPIE Digital Library.
SELECT YOUR INSTITUTION
PERSONAL
Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.
PERSONAL SIGN IN
No SPIE Account? Create one
PURCHASE THIS CONTENT
SUBSCRIBE TO DIGITAL LIBRARY
50 downloads per 1-year subscription
Members: $195
Non-members: $335 ADD TO CART
25 downloads per 1 - year subscription
Members: $145
Non-members: $250 ADD TO CART
PURCHASE SINGLE ARTICLE
Includes PDF, HTML & Video, when available
Members: $17.00
Non-members: $21.00 ADD TO CART
PROCEEDINGS
 8 PAGES
DOWNLOAD PAPER SAVE TO MY LIBRARY
GET CITATION
Advertisement
Advertisement
RIGHTS & PERMISSIONS
Get copyright permission  Get copyright permission on Copyright Marketplace
KEYWORDS
Information security
Analytical research
Statistical analysis
Computer security
Software development
Databases
Internet
RELATED CONTENT
Subscribe to Digital Library
Receive Erratum Email Alert
Back to Top