The solution of denial of service attack on ordered broadcast Intent

摘要

The Android's message passing system provides late run-time binding between components in the same or different applications, and it promotes inter-application collaboration. However, the message passing mechanism has also numerous vulnerabilities, so that Android applications can be exposed to attacks from malicious applications. Denial of service (DoS) attack on ordered broadcasts is a typical attack that exploits vulnerabilities of message passing. A malicious application which launches the attack intercepts broadcast messages by setting itself high priority, and then aborts it to prevent other benign applications from receiving it. In this paper, we propose a security framework for detecting DoS attacks on ordered broadcasts. We insert our framework into Android platform, and then the framework inspects receivers of broadcast messages. If the framework detects any threats, it issues warning to user. Finally, we provides scenario about our framework and discuss future directions.