Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Android application concurrent vulnerability detection system

A vulnerability detection, Android technology, applied in computer security devices, instruments, electrical digital data processing, etc., can solve the problems of concurrent vulnerabilities cannot be detected, high false positive detection results, etc.

Active Publication Date: 2017-03-22
NANJING UNIV
View PDF2 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Furthermore, non-exchange events in incoming test cases may not cause concurrency bugs at all, making many concurrency bugs go undetected
Moreover, these methods do not validate the test results obtained, resulting in high false positive test results

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Android application concurrent vulnerability detection system
  • Android application concurrent vulnerability detection system
  • Android application concurrent vulnerability detection system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] In order to describe the invention more clearly, first, some terms are explained.

[0026] An Android application refers to an application that can be installed and run on an Android mobile device, and specifically refers to the resource file and bytecode file of the application when it is clearly operated.

[0027] A Java application refers to an application written in the Java language that can run on a computer equipped with a JVM.

[0028] The bytecode of an Android application is the essence of an Android application. It consists of several class files, and each of these classes contains several methods. The methods in these classes cooperate to achieve specific functions.

[0029] The Android virtual machine refers to the executor of the Android application runtime. It is a special JVM that is specially used to interpret and execute the bytecode instructions of the Android application.

[0030] The Android application GUI component refers to the part that can be ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an Android application concurrent vulnerability detection system. The system comprises a concurrent vulnerability analysis module, an application plug-in mounting module and an application performance module. The concurrent vulnerability analysis module is used for analyzing potential concurrent vulnerabilities in an application and transmitting the potential concurrent vulnerabilities to the application instrumentation module. The application instrumentation module carries out instrumentation on a statement capable of changing thread scheduling at a position of suspected data race code according to a detection result of the concurrent vulnerability analysis module, carries out instrumentation on control code capable of blocking thread operation at the position of a background thread entrance method and carries out instrumentation on background service for obtaining application operation moment state information. The application performance module operates the instrumented application, generates paired suspected events and sends the events to the application, thereby triggering potential concurrent vulnerabilities. According to the system, the detection result is accurate and efficient, and a whole process is automated without extra participation of a user.

Description

technical field [0001] The invention relates to a loophole detection system, in particular to an Android application concurrent loophole detection system. Background technique [0002] Because the Android mobile operating system is an open source platform, it has attracted many application developers, making the Android system occupy a huge share in the mobile device market in recent years. Concurrency is a very critical feature for Android applications, and when the application is processing background tasks, it should also be able to respond quickly to incoming events. However, concurrent programs are becoming increasingly difficult to develop, test, and debug. For this reason, Android officials provide a series of constraints to avoid concurrency vulnerabilities, such as UI operations must be completed in the main thread. Unfortunately, as applications become more and more complex, developers cannot properly understand the application's behavior, resulting in a large nu...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/57
CPCG06F21/577G06F2221/033
Inventor 许畅马晓星吕建李其玮蒋炎岩
Owner NANJING UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products