Android has been pointed in recent researches it is easy suffered from app's privilege-escalation attacks. But most of the researches focus on confused deputy attacks, and they are lack of consideration about collusion attacks. In this paper, Android's security framework is analyzed, and the defense methods for the collusion attacks are studied. Also, a new system level security framework for Android be designed and implemented, in order to taming the potential collusion attacks exploiting its vulnerabilities.%最近的研究纷纷指出Android系统易遭受应用级的抬权攻击.但这些研究大都注重该类攻击中的混淆代理人攻击,而对其中的联合攻击缺乏考虑.文章分析了Android安全框架的实现设计与实现,并研究了联合攻击的防御方法,针对Android恶意程序,设计并实现一个系统级框架,以应对潜在的联合攻击,弥补Android系统易被抬权的漏洞.
展开▼