Android software vulnerability mining framework based on dynamic taint analysis technology

摘要

Security vulnerability mining is at the core of Android system security research. How to effectively exploit Android system security vulnerabilities has become an important technical means to enhance the security of smartphones and protect user security and privacy. An Android software vulnerability mining framework based on dynamic taint analysis technology is designed in this paper. Firstly, it analyzes the shortcomings of existing vulnerability mining technology, then gives the detailed design of the framework, and then discusses in detail the taint propagation analysis under Java context. Complete the switching between Java context and native context taint analysis environment at runtime, instruction preprocessing and other key techniques of Android vulnerability mining based on dynamic taint analysis theory. Finally, summarizes the whole paper and puts forward the problem worthy of further study.