
Research On Vulnerability Discovery Of Android Native Library

Posted on: 2019-03-10
Degree: Master
Type: Thesis
Country: China
Candidate: L W Sun
Full Text: PDF
GTID: 2428330572458970
Subject: Circuits and Systems
Abstract/Summary:
According to Common Vulnerabilities and Exposures (CVE) statistics, the number of Android vulnerabilities has increased rapidly since 2009, and in 2017 it grew by nearly 61% compared with 2016. Android vulnerabilities expose mobile phone users to risks including system crashes and information leakage. Native library vulnerabilities account for 32% of these Android vulnerabilities, second only to Android kernel vulnerabilities, so studying them is important for maintaining Android security. Based on research into Android native library vulnerabilities and existing vulnerability discovery techniques, this thesis proposes a guided symbolic execution technique based on the A-star algorithm and a fuzzing technique based on an improved genetic algorithm. Vulnerability discovery for the Android native library is realized, with improved accuracy and speed. The main work of this thesis is as follows:

(1) Traditional symbolic execution uses a depth-first search, which is prone to path explosion and reduces the efficiency of vulnerability discovery. To address this, a guided symbolic execution technique based on the A-star algorithm is proposed. The A-star algorithm guides execution to the code of the risk area first, so that the path constraints of the vulnerability are obtained and effective test cases are generated. The symbolic execution is further optimized by a JNI agent method, a basic block reuse method and a loop (cyclic) simplification method. Experimental results show that, compared with traditional symbolic execution, the guided technique raises the recognition rate of known vulnerable functions by 10% and doubles the speed.

(2) Traditional fuzzing generates mutated test cases with great randomness, which reduces the accuracy of vulnerability discovery. To address this, a fuzzing technique based on an improved genetic algorithm is proposed. Starting from the test cases generated by the guided symbolic execution, the improved genetic algorithm selects, crosses and mutates the initial test cases to obtain the mutated test cases; the fuzzing is further optimized by a reverse analysis method, a dynamic debugging method and an ADB logcat method. Experimental results show that, compared with traditional fuzzing, the number of effective test cases generated increases by 4% and the average fitness increases by 5%.

(3) A vulnerability discovery system for the Android native library combining symbolic execution and fuzzing is designed and implemented. Initial vulnerability test cases are first obtained with the A-star-guided symbolic execution, and high-fitness test cases are then generated by the genetic-algorithm fuzzing, which improves both the accuracy and the speed of vulnerability discovery. Experimental results show that the system's accuracy is 7% higher and its speed nearly 14% higher than those of the fuzzing tool Android-Fuzz.
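The A-star guidance described in (1) amounts to steering exploration of the control-flow graph toward blocks in the risk area before other paths are explored. The following Python script is an added illustration and not code from the thesis: it builds a small constructed control-flow graph (the block names, the loop and the single "risk" block are all hypothetical), uses the shortest reverse distance to any risk block as the A-star heuristic, prunes states that can never reach the risk area, and counts how many states are expanded before the risk block is reached, compared with a depth-limited depth-first search that wanders into the loop first.

```python
"""A-star-guided exploration of a control-flow graph toward risk-area code.

Added illustration, not code from the thesis.  The CFG, the risk labels
and the unit edge costs are all constructed for this example.
"""
import heapq
from collections import deque

# Constructed CFG: basic block -> successor blocks, in the order a DFS
# would follow them.  Block names are hypothetical.
CFG = {
    "entry": ["log_stats", "parse_header"],
    "log_stats": ["loop_body"],
    "loop_body": ["loop_cond"],
    "loop_cond": ["loop_body", "exit"],   # back edge: source of path explosion
    "parse_header": ["check_len", "log_stats"],
    "check_len": ["reject", "copy_payload"],
    "reject": ["exit"],
    "copy_payload": ["exit"],
    "exit": [],
}

# Risk area: blocks flagged (by a hypothetical static pass) as calling
# unbounded memory-copy routines.
RISK_BLOCKS = {"copy_payload"}


def reverse_distances(cfg, targets):
    """BFS over reversed edges: minimum number of edges from each block to
    any target block.  Blocks that cannot reach a target are absent.  With
    unit edge costs this is an admissible heuristic for A-star."""
    rev = {n: [] for n in cfg}
    for src, succs in cfg.items():
        for dst in succs:
            rev[dst].append(src)
    dist = {t: 0 for t in targets}
    queue = deque(targets)
    while queue:
        n = queue.popleft()
        for pred in rev[n]:
            if pred not in dist:
                dist[pred] = dist[n] + 1
                queue.append(pred)
    return dist


def astar_to_risk(cfg, start, risk_blocks, max_depth=8):
    """Expand path states in order of f = g + h, where g is the path length
    and h the reverse distance to the risk area.  States whose block has no
    route to the risk area are never queued.  Returns (path, expanded)."""
    h = reverse_distances(cfg, risk_blocks)
    if start not in h:
        return None, 0
    frontier = [(h[start], 0, (start,))]
    expanded = 0
    while frontier:
        _f, g, path = heapq.heappop(frontier)
        expanded += 1
        node = path[-1]
        if node in risk_blocks:
            return list(path), expanded
        if len(path) < max_depth:
            for succ in cfg[node]:
                if succ in h:  # prune: cannot reach the risk area
                    heapq.heappush(frontier, (g + 1 + h[succ], g + 1, path + (succ,)))
    return None, expanded


def dfs_to_risk(cfg, start, risk_blocks, max_depth=8):
    """Depth-limited DFS over path states, following successors in CFG
    order.  It descends into the loop and unrolls it up to max_depth before
    backtracking toward the risk block.  Returns (path, expanded)."""
    stack = [(start,)]
    expanded = 0
    while stack:
        path = stack.pop()
        expanded += 1
        node = path[-1]
        if node in risk_blocks:
            return list(path), expanded
        if len(path) < max_depth:
            for succ in reversed(cfg[node]):  # so the first successor pops first
                stack.append(path + (succ,))
    return None, expanded


def compare(cfg=CFG, start="entry", risk_blocks=RISK_BLOCKS, max_depth=8):
    """Run both searches and report states expanded before reaching risk code."""
    a_path, a_n = astar_to_risk(cfg, start, risk_blocks, max_depth)
    d_path, d_n = dfs_to_risk(cfg, start, risk_blocks, max_depth)
    return {"astar": (a_path, a_n), "dfs": (d_path, d_n)}


if __name__ == "__main__":
    for name, (path, n) in compare().items():
        print(f"{name}: expanded {n} states, path {' -> '.join(path)}")
```

Both searches find the same four-block path to the risk block, but the guided search expands only the four states on that path, while the depth-limited DFS first unrolls the loop and explores the `reject` branch. In the thesis the same idea is applied to symbolic-execution states, where each pruned or deferred state also saves a constraint-solver call.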
Keywords/Search Tags: Android native library, Symbolic execution, Fuzzing test, A-star algorithm, Genetic algorithm