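Title: Automatic Generation of Attack Test Inputs for Android and Windows Mobile
Automatic Exploit Generation for Android and Windows Mobile Systems
Author: 黃世昆
HUANG SHIH-KUN
Department of Computer Science, National Chiao Tung University
Publication date: 2013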
Abstract: Market software (apps) has become an important way of developing and
using applications on mobile phone platforms. Apple, Microsoft, and Google
currently provide the main app market platforms, each with an internal software
auditing process that checks whether an app complies with platform regulations,
uses undocumented APIs, or hides malicious behavior. On the other hand, even
software released by Microsoft inevitably needs an important patch once a week,
while the identity of market software developers is not clearly established
(it is verified only by a credit card number) and the quality of their software
cannot be assured. Malicious attack testing must therefore be performed before
market software is released. This project will use the KLEE symbolic virtual
machine, combined with QEMU processor emulation, to perform malicious attack
testing on Android and Microsoft Mobile apps, using fuzzing to produce
potentially unstable conditions (crashes) and generating potential exploits for
the apps.
In the first year, we will build a symbolic execution environment for the
Android and Windows Mobile platforms and assess the feasibility of symbolic
execution and testing of apps. In the second year, we will perform malicious
attack testing, producing exploits for apps, based on the symbolic execution
environment built in the first year.
The results of this research will benefit the development and deployment of
domestic market software platforms. Confirming the quality of market software
before it is released is one of the most important gates for sustaining its
adoption, and key to the success of this new software distribution model.
Official document #: NSC101-2221-E009-037-MY2
URI: http://hdl.handle.net/11536/94005
https://www.grb.gov.tw/search/planDetail?id=2849369&docId=403300
Appears in collections: Research Plans