The Android messaging system, called intent, is a mechanism that ties components together to build applications for smartphones. Intents are kinds of messages composed of actions and data, sent by a component to another component to perform several operations, e.g. launching a user interface. The intent mechanism offers a lot of flexibility for developing Android applications, but it might also be used as an entry point for security attacks. The latter can be easily sent with intents to components, that can indirectly forward attacks to other components and so on. In this context, this paper proposes APSET, a tool for Android aPplication SEcurity Testing, which aims at detecting intent-based vulnerabilities. It takes as inputs Android applications and intent-based vulnerabilities formally expressed with models called vulnerability patterns. Then, and this is the originality of our approach, class diagrams and partial specifications are automatically generated from applications with algorithms reflecting some knowledge of the Android documentation. These partial specifications avoid false positives and refine the test result with special verdicts notifying that a component is not compliant to its specification. Furthermore, we propose a test case execution framework which supports the receipt of any exception, the detection of application crashes, and provides a final XML test report detailing the test case verdicts. The vulnerability detection effectiveness of APSET is evaluated with experimentations on randomly chosen Android applications of the Android Market.

• 出版日期2015-4