https://www.elliot98.top/tags/%E5%AE%89%E5%8D%93/Recent content in 安卓 on Lutong's HomepageHugozh-cnSun, 07 Apr 2019 09:16:29 +0800https://www.elliot98.top/post/lab/big4-reading-5/Sun, 07 Apr 2019 09:16:29 +0800https://www.elliot98.top/post/lab/big4-reading-5/<h1 id="understanding-open-ports-in-android-applications-discovery-diagnosis-and-security-assessment">Understanding Open Ports in Android Applications: Discovery, Diagnosis, and Security Assessment</h1> <ul> <li> <p>作者：Daoyuan Wu, Debin Gao, Rocky K. C. Chang, En He, Eric K. T. Cheng, and Robert H. Deng</p> </li> <li> <p>收录会议： Network and Distributed Systems Security (NDSS) Symposium 2019</p> </li> </ul> <h2 id="一摘要">一、摘要</h2> <p>文章主要完成了如下几件事：</p> <ul> <li>对 136 个国家的三千多 Android 设备进行测量。对流行应用和 Built-in 应用进行测量。</li> <li>对这些数据进行聚合和诊断。</li> <li>完成了三项安全评估： <ul> <li>vulnerability analysis revealing five vulnerability patterns in open ports of popular apps</li> <li>inter-device connectivity measurement in 224 cellular networks and 2,181 WiFi networks through crowdsourced network scans</li> <li>experimental demonstration of effective denial-of-service attacks against mobile open ports</li> </ul> </li> </ul> <p>之前已有的工作是发现了移动设备也有开放的端口，以及对特定应用程序使用开放端口的测试（截屏软件、文件分享软件等），但是这些工作只在局部给出了结论，而缺少对于 Open Ports in Android Application 这一个问题的宏观结果。</p>