At present, fixing Android system vulnerabilities relies on official Android support and various equipment manufacturers, and it is mainly implemented by system upgrades. This situation causes many problems, such as high costs and delayed fixing of vulnerabilities. This study is performed to design a novel fixing policy construction model targeting Android system vulnerabilities, which can be used for vulnerability feature quantification and fixing policy customization. On this basis, a novel security vulnerability solution called DroidHFix is proposed and implemented. This solution constructs security policies and loads security policy files during the risky application startup. The system helps to fix Android system vulnerabilities dynamically and defend against attacks on the risky application depending on system vulnerability exploitation. Experimental results show that DroidHFix fixes the Android system vulnerabilities effectively, with good performance and compatibility.

• 出版日期2019-3
• 单位北京邮电大学