針對 Android 與 Windows Mobile 自動產生攻擊測試輸入

Abstract

市集軟體(APPs)已成為重要的手機平台應用開發與使用方式。目前以Apple, Microsoft 與Google 提供之市集軟體平台為主，其內部也有相關軟體稽核機制，檢查是否符合平 台規範、使用到未公開之API、或隱藏惡意行為等。但另一方面，即使連微軟發行之軟 體不可避免地，每週都會有一次重要的patch 需求，而這些市集軟體開發者身份不明 確（僅通過信用卡卡號的查核），品質並無法確保，因此在市集軟體上架前，必須有惡 意攻擊測試的確認。本研究將運用KLEE symbolic virtual machine，並結合QEMU processor emulation 能力，針對Android 與Microsoft Mobile 市集軟體進行惡意 攻擊測試，運用fuzzing 技術產生可能之不穩定情況，並產生可能之攻擊程式。 我們第一年將建立Android 與Windows Mobile 平台之symbolic execution 模擬能 力，評估針對APPs 進行符號執行與測試的可行性。第二年將根據APPs 符號執行環 境，進行惡意攻擊測試。 此研究成果將有助於國內市集軟體平台之發展與建置。市集軟體上架之品質確認是維繫 市集軟體之推廣最重要的關卡之一。

Market Software (APPs) usage has become an important software release and application style for mobile phone platforms. Currently, Apple, Microsoft, and Google provide the primary market software service platforms, with internal software auditing processes, by checking if the software is compliant to the platform regulations, avoiding uses of undocumented APIs, and embedding malicious behaviors. On the other hand, even the Microsoft inevitably releases vulnerable software, with weekly patch to mitigate potential threats. Those market software developers are only with identity authenticated by credit card number. Their development process cannot be assured. Therefore, a malicious attack testing must be performed before the market software released. Our project will integrate the KLEE symbolic virtual machine, and QEMU processor emulation, focusing on Android, and Microsoft Mobile APPs, performing malicious attacks. By using fuzzing tests to generate crashes, the potential exploits of APPs will be produced. We will build a symbolic execution environment for Andorid and Windows mobile in the first year, assessing the feasibility of symbolic execution and testing on APPs. In the second year, we will try to produce malicious attacks, the exploits of APPs, based on the symbolic execution environment built in the first year. The research results will benefit to the market software platform in the local service providers. The quality of the released market software will be the key to the success of this new software distribution model.