Computer Engineering and Applications ›› 2021, Vol. 57 ›› Issue (12): 99-104.DOI: 10.3778/j.issn.1002-8331.2003-0426

Previous Articles     Next Articles

Hierarchical Acquisition Method of Android System Service Information

GUO Zhihan, LUO Senlin, KE Dongxiang, QIN Xiaonan   

  1. School of Information and Electronics, Beijing Institute of Technology, Beijing 100081, China
  • Online:2021-06-15 Published:2021-06-10

Android系统服务信息分层获取方法

郭芷含,罗森林,柯懂湘,秦枭喃   

  1. 北京理工大学 信息与电子学院,北京 100081

Abstract:

Obtaining key information of the Android system services is beneficial to realize the vulnerability mining and security evaluation of the Android system. In order to solve the problem of high system source dependency and poor compatibility on current incomplete system service key information acquisition methods, this paper proposes a hierarchical acquisition method of Android system service information. This method establishes a complete Binder communication behavior monitoring view at the application layer, framework layer and kernel layer of the Android system and then analyzes service dependency, service process information and interface parameter specifications to gain system service key information automatically without relying on source code. The experiments of acquiring system service key information are performed on multiple Android devices, and the results show that this method can acquire multiple system service key information comprehensively and has stronger practicability.

Key words: Android, system service, key information acquisition, binder

摘要:

获取Android系统服务关键信息有利于实现对Android系统的漏洞挖掘和安全评估。为解决当前系统服务关键信息获取方法存在系统源码依赖度高、兼容性差导致的信息获取不全面的问题,提出一种Android系统服务信息分层获取方法。该方法通过在Android系统的应用层、框架层和内核层分别建立完整的Binder通信行为监控视图,解析服务依赖关系、服务进程信息与接口参数规范,在不依赖源码的前提下实现系统服务关键信息的自动化获取。在多个Android设备中进行系统服务关键信息获取实验,结果表明该方法能全面地获取多项系统服务关键信息,具备更强的实用性。

关键词: Android, 系统服务, 关键信息获取, binder