CRAXDroid: Android 下的自動化攻擊產生系統

Abstract

"The number of mobile-connected devices will exceed the world’s population by 2014.", said Cisco. People live on mobile devices nowadays literally, and the situation is still getting worse ever since company starts to embed smart devices into accessories, for example, glasses, watches, etc. Making life better is wonderful, while losing privacy is bad. The prevalence of modern smart devices, such as smart phones and tablets, are owed to enriched third-party applications, or so-called apps. However, most mobile device users have no idea how their privacy data are potentially exposed by using or just installing apps that are badly designed. These apps may not be designed with malicious intention, but may contain software design flaws, or bugs, which could be exploited and further take over control of the device. From the moment on, invaders may pry into victims' life without its knowing. Besides privacy leakage, invaders may take victims' as a gateway or even a member of a botnet to further attack other victims. As a result, software quality becomes a critical issue on mobile devices. CRAXDroid is built as a platform aiming at vulnerability discovering and exploiting of Android apps.

"The number of mobile-connected devices will exceed the world’s population by 2014.", said Cisco. People live on mobile devices nowadays literally, and the situation is still getting worse ever since company starts to embed smart devices into accessories, for example, glasses, watches, etc. Making life better is wonderful, while losing privacy is bad. The prevalence of modern smart devices, such as smart phones and tablets, are owed to enriched third-party applications, or so-called apps. However, most mobile device users have no idea how their privacy data are potentially exposed by using or just installing apps that are badly designed. These apps may not be designed with malicious intention, but may contain software design flaws, or bugs, which could be exploited and further take over control of the device. From the moment on, invaders may pry into victims' life without its knowing. Besides privacy leakage, invaders may take victims' as a gateway or even a member of a botnet to further attack other victims. As a result, software quality becomes a critical issue on mobile devices. CRAXDroid is built as a platform aiming at vulnerability discovering and exploiting of Android apps.