Risk Measurement Method for Privilege Escalation Attacks on Android Apps Based on Process Algebra
<p>Diagram of a privilege escalation attack.</p> "> Figure 2
<p>(<b>a</b>) comAppA key code; (<b>b</b>) comAppB key code; (<b>c</b>) comAppC key code.</p> "> Figure 2 Cont.
<p>(<b>a</b>) comAppA key code; (<b>b</b>) comAppB key code; (<b>c</b>) comAppC key code.</p> "> Figure 3
<p>(<b>a</b>) State transition diagram of Equation (6); (<b>b</b>) State transition diagram of Equation (9).</p> "> Figure 4
<p>(<b>a</b>) Weak equivalence relationship verified; (<b>b</b>) Non-equivalence relationship verified.</p> "> Figure 5
<p>(<b>a</b>) Time cost; (<b>b</b>) Space cost.</p> "> Figure 6
<p>Relationship between the number of features and transition and the measurement results.</p> "> Figure 7
<p>The size composition of the app in the test set.</p> "> Figure 8
<p>(<b>a</b>) Test set measurement results; (<b>b</b>) Weak equivalence app measurement results.</p> "> Figure 9
<p>Measurement results for app developed by the same developer.</p> ">
Abstract
:1. Introduction
- (1)
- Extraction of the attack behavior feature set and the number of transitions. Based on an analysis of the model of collusion privilege escalation attacks, six features of the app, namely dangerous permissions of the app, dangerous permissions of the components, component intent communication, sensitive API calls, sensitive data flow acquisition, and dissemination of sensitive data, are obtained as the feature set of attack behavior, and the number of transitions is extracted by using static technology.
- (2)
- Attack behavior modeling and determination. Based on the extraction of the attack behavior features set, process algebra is used to model app behavior and attack behavior, and weak equivalence is used to determine app behavior.
- (3)
- Risk measurement. According to the result of the behavior determination, the number of behavior features and the number of transitions, a measurement function is constructed to measure the risk of the single app.
- (1)
- Construction and extraction of the feature set of collusion privilege escalation attacks. After obtaining the attack behavior feature set, the static extraction method is used to extract the behavior feature set and the number of transitions of sensitive data. This is done in order to make up for the lack of collusion privilege escalation attack features in the existing app measurement methods.
- (2)
- Modeling and determination of app behavior using process algebra. The behavior of the app is modeled and determined based on semantics and the equivalence concept of process algebra, and any app that is weakly equivalent to attack behavior is measured. In view of the particularity of collusion attacks, this makes up for the inaccurate measurement results caused by the existing measurement methods that do not distinguish the equivalence relationship of test objects.
- (3)
- Construction of the measurement function and test set experiment. Based on the number of features in the feature set and the number of transitions, the measurement function is constructed. The case, benchmarks test and test set experiments are completed by using the measurement function. The experimental results show that the method is feasible and effective.
2. Related Work
- (1)
- Up to now, there has been no method to measure the credibility of a single app that constructs collusion privilege escalation attacks.
- (2)
- The existing methods do not consider the feature set of attack behavior when measuring the credibility of a single app, and they only focus on one feature.
3. Background Information
- (1)
- Definition and classification of privilege escalation attacks on android app.
- (2)
- Definition of application-layer privilege escalation.
- (3)
- Definition of confused deputy attacks.
- (4)
- Definition of collusion privilege escalation attacks.
- (5)
- Definition of privilege escalation vulnerabilities.
4. Construction and Extraction of the Attack Behavior Feature Set
4.1. Construction of the Attack Behavior Feature Set
- (1)
- ComA1 can access ComB1 that with the protection of P1.
- (2)
- ComB1 and ComC1 have the same permission P1, and ComB1 can access ComC1.
- (3)
- ComA1 accesses ComC1 through ComB1 by (1) and (2), and AppA, AppB, and AppC escalate permissions on P1.
- (1)
- F1 indicates the dangerous permissions of the application.
- (2)
- F2 indicates the dangerous permissions of the components.
- (3)
- F3 indicates the component intent communication.
- (4)
- F4 indicates the sensitive API calls.
- (5)
- F5 indicates the sensitive data flow acquisition.
- (6)
- F6 indicates the dissemination of sensitive data.
4.2. Extraction of the Attack Behavior Feature Set
- Permissions of the application
- 2.
- Permissions of components
- (1)
- The component information is extracted according to the <activity></activity> tag in the AndroidManifest.xml file.
- (2)
- The permissions of components are extracted on the basis of (1).
- 3.
- Component Intent communication
- 4.
- Sensitive API calls
- 5.
- Sensitive data flow acquisition
- 6.
- Dissemination of sensitive data
- 7.
- Applying for the dangerous permissions of the application and components
4.3. Attack Case
- (1)
- comAppA does not apply for any dangerous permission. Its component inputInfromShowActivity obtains the user’s private information (username and password) through edittext, and sends it to the component whose <intent-filter> is sensitiveInfo through the intentAppA.
- (2)
- comAppB has applied for the dangerous permission android.permission.SEND_SMS, and its component sendNewsToFriend has <intent-filter> as sensitiveInfo. The user’s private information (username and password) is obtained by bundleB and is sent to the component whose <intent-filter> is sensitiveInfoSend through intentAppB.
- (3)
- comAppC has not applied for any dangerous permission, but its component sendMessage has applied for android.permission.SEND_SMS dangerous permission and has <intent-filter> as sensitiveInfoSend. Using bundleC, the username and password are obtained and sent to the mobile phone number by SMS.
5. Attack Behavior Modeling Based on Process Algebra
5.1. Process Algebra Based on Behavior Features
- (1)
- is a summation, where I and K are any finite indexing set. is protected by , because must start activities after the action represented by occurs. It represents a collection of behaviors of a component of an app under permission.
- (2)
- represents that the component has w features at the same time.
- (3)
- ,where represents the action of message transmission; represents the action of message receipt; represents n sensitive data.
- (4)
- represents that the action is under the protection of permission P.
5.2. Attack Behavior Modeling
- (1)
- Activity, which is used to express the function.
- (2)
- Service, which runs in the background and does not provide interface presentation.
- (3)
- BroadcastReceiver, which is used to receive broadcast information.
- (4)
- ContentProvider, which supports data storage and reading across multiple applications and is equivalent to a database.
- (1)
- represents the attack behavior set under P1.
- (2)
- represents the six features of a component.
- (3)
- , where represents the action of message transmission and represents the action of message receipt. represents n sensitive data.
- (4)
- represents the behavior ofan application is protected by permission P.
6. Behavior Determination and Risk Measurement Based on Process Algebra
- (1)
- When x tends to be 6 and Y tends to be infinite, then . That is, when the more dangerous features and transition times; are closer to 1, the risk is greater.
- (2)
- When x tends to be 0 and Y tends to be 0, then . That is, when the less dangerous features and transition times; are closer to 0, the risk is smaller.
Algorithm 1. Risk measurement algorithm based on process algebra. |
1: Input: riskCom, F,attackAction, X, Y, f(x,y) 2: Output: measureValue 3: Assumption: use PR point to 4: Initialization: 5: For each component in riskCom 6: Construction attackActionF according to F 7: If Then 8: call f(x,y) 9: print measureValue 10: 11: ElseIf PA ≠ PC Then 12: print measureValue=0 13: 14: EndIf |
7. Experiment of an Attack Case
7.1. Feature Set Extraction of Attack Behavior
7.2. Attack Behavior Modeling
- (1)
- The attack behavior of comAppA is modeled as shown in Equation (5).
- (2)
- The attack behavior of comAppB is modeled as shown in Equation (6).
- (3)
- The attack behavior of comAppC is modeled as shown in Equation (7).
7.3. AppBehavior Modeling
- (1)
- The behavior of comAppA is modeled as shown in Equation (8).
- (2)
- The behavior of comAppB is modeled as shown in Equation (9).
- (3)
- The behavior of comAppC is modeled as shown in Equation (10).
- (4)
- To expand the case, assuming that the behavior component of comAppA has no Intent communication, the behavior model of comAppA is shown in Equation (11).
7.4. BehaviorDetermination
- (1)
- weak simulation verification. , each migration of the first element q, can be migrated p matching (or a series of migration, or even no migration). For example, for , has , so , using matching. Therefore, s is a weak simulation, that is, weak simulation .
- (2)
- In the same manner, the weak simulation relationship of each state in two state graphs can be verified.
- (3)
- According to the concept of weak equivalence Definition 3, S−1 can be verified as a weak simulation in the way of (1).
- (4)
- Therefore, the weak equivalence between the states in Figure 3a,b can be verified. Then, the weak equivalence between the Equations (6) and (9) is verified.
7.5. Risk Measurement
8. Method Evaluation and Effectiveness Analysis
8.1. Method Evaluation
- (1)
- Some of the APKs have some features as small size, fewer components, or fewer sensitive data transitions and attack features. In general, those APKs are non-equivalent to attacks behavior. Those APKs have less time cost and space cost.
- (2)
- Another part of APKs have the following features as larger size, more components, or a greater number of sensitive data transitions and attack features. In general, those APKs will be weak equivalent to the attack behavior. Those APKs has more time cost and space cost for this method.
- (3)
- There will be some special APKs. For example, two APKs have similar size, but because the number of components, transitions and features of first APK is far greater than second APK, the time cost and space cost of first APK are also far greater than second APK. However, it will follow the principle that with more components, or the greater number of transitions and features there, the more this method will cost in terms of time and space.
8.2. BenchmarksTest and Analysis
- (1)
- The measurement value in Table 6 is between 0.9975–0.9999, which verifies the effectiveness of this method. The three test sets have information leak of sensitive data, communication between apps and communication between components respectively. From the measurement results, it can be seen that app with the risk of such an information leak has a higher risk of privilege escalation attacks, which is consistent with the actual situation.
- (2)
- Figure 6 shows that the sum of the number of behavior features and transition is directly proportional to the measurement results. The necessity of building F and extracting migration times is verified.
8.3. Test Set Test and Analysis
8.3.1. Composition of the Test Set
8.3.2. Measurement Results and Analysis
- (1)
- The measurement results clearly show the risk degree of the attack. From Figure 8b, it can be seen that the measurement values of weakly equivalent apps with the collusion privilege escalation attack model are all above 0.86, which is consistent with the actual danger level of the app.
- (2)
- The measurement value is proportional to the number of features in the feature set and the number of transitions of sensitive data. As can be seen from Figure 8b and Figure 9, the more features and sensitive data transition times, the greater the risk measurement. However, in Figure 8a, there are some particularities, so we need to further strengthen the analysis and refine the feature set and the measurement function.
- (3)
- The risk of collusion privilege escalation attacks is higher in an app developed by the same developer. From Figure 9, it can be seen that the measurement values of weakly equivalent apps with the attack model are all above 0.95, which proves that the risk of collusion privilege escalation attacks is high.
9. Conclusions
- (1)
- Because there are many apps with measurement values in the range of 0.86–0.99, it is necessary to refine the measurement function and privilege escalation attacks behavior feature set to ensure that the measurement value is more reasonable.
- (2)
- We used the same weight of features in the feature set, and different weights can be calculated using a correlation method to improve the accuracy of the measurement.
Author Contributions
Funding
Acknowledgments
Conflicts of Interest
References
- Operating System Market Share WorldWide. Available online: https://statcounter.com (accessed on 30 August 2019).
- 360 Internet Security Center. 2018 Android Malware Special Report. Available online: https://research.360.cn/2015/reportlist.html?list=1 (accessed on 3 January 2020).
- Nokia Threat Intelligence Lab. The Coming of Age of IoT Botnets. Available online: https://onestore.nokia.com/asset/205166 (accessed on 10 November 2019).
- Xu, Y.; Ren, J.; Wang, G.; Zhang, C.; Yang, J.; Zhang, Y. A Blockchain-based Nonrepudiation Network Computing Service Scheme for Industrial IoT. IEEE Trans. Ind. Inform. 2019, 15, 3632–3641. [Google Scholar] [CrossRef]
- Xu, Y.; Zeng, Q.; Wang, G.; Zhang, C.; Ren, J.; Zhang, Y. An Efficient Privacy-Enhanced Attribute-Based Access Control Mechanism. Concurr. Comput. Pract. Exp. 2020, 32, e5556. [Google Scholar] [CrossRef]
- Jiang, X.; Mu, D.; Zhang, H. Unix Domain Sockets Applied in Android Malware Should Not Be Ignored. Information 2018, 9, 54. [Google Scholar] [CrossRef] [Green Version]
- Nokia Threat Intelligence Lab. Available online: https://pages.nokia.com/T003B6-Threat-Intelligence-Report-2019.html (accessed on 10 November 2019).
- 360 Internet Security Center. Available online: https://zt.360.cn/1101061855.php?dtid=1101061451&did=210942656 (accessed on 30 November 2019).
- Xu, Y.; Wang, G.; Ren, J.; Zhang, Y. An Adaptive and Configurable Protection Framework against Android Privilege Escalation Threats. Future Gener Comput. Syst. 2019, 92, 210–224. [Google Scholar] [CrossRef]
- Androguard. Available online: https://androguard.readthedocs.io/en/latest/ (accessed on 30 May 2020).
- Lee, S.; Ju, D.Y. Assessment of malicious applications using permissions and enhanced user interfaces on Android. In Proceedings of the 11th IEEE International Conference on Intelligence and Security Informatics (IEEE ISI), Seattle, WA, USA, 4–7 January 2013. [Google Scholar]
- Zegzhda, P.; Zegzhda, D.; Pavlenko, E.; Dremov, A. Detecting Android application malicious behaviors based on the analysis of control flows and data flows. In Proceedings of the 10th International Conference on Security of Information and Networks (SIN), Jaipur, India, 13–15 October 2017. [Google Scholar]
- Amin, A.; Eldessouki, A.; Magdy, M.T.; Abdeen, N.; Hindy, H.; Hegazy, I. AndroShield: Automated Android Applications Vulnerability Detection, a Hybrid Static and Dynamic Analysis Approach. Information 2019, 10, 326. [Google Scholar] [CrossRef] [Green Version]
- Zhou, W.M.; Zhang, Y.Q.; Liu, X.F. POSTER: A new framework against privilege escalation attacks on android. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, Berlin, Germany, 4–8 November 2013; pp. 1411–1413. [Google Scholar]
- Yamauchi, T.; Akao, Y.; Yoshitani, R.; Nakamura, Y.; Hashimoto, M. Additional Kernel Observer to Prevent Privilege Escalation Attacks by Focusing on System Call Privilege Changes. In Proceedings of the IEEE Conference on Dependable and Secure Computing (DSC), Kaohsiung, Taiwan, 10–13 December 2018. [Google Scholar]
- Heuser, S.; Negro, M.; Pendyala, P.K.; Sadeghi, A.R. DroidAuditor: Forensic Analysis of Application-Layer Privilege Escalation Attacks on Android. In Proceedings of the International Conference on Financial Cryptography and Data Security, Sliema, Malta, 3–7 April 2017; pp. 260–268. [Google Scholar]
- Lee, H.T.; Kim, D.; Park, M.; Cho, S.J. Protecting Data on Android Platform against Privilege Escalation Attack. Int. J. Comput. Math. 2016, 93, 401–414. [Google Scholar] [CrossRef]
- Zhao, Q.; Wang, H.Q.; Feng, G.S.; Zhao, J. Measuring method of software dependability based on Pi calculus. J. Jilin Univ. 2011, 41, 6. [Google Scholar]
- Yang, X.; Jabeen, G.; Luo, P.; Zhu, X.L.; Liu, M.H. A Unified Measurement Solution of Software Trustworthiness Based on Social-to-Software Framework. J. Comput. Sci. Technol. 2018, 33, 603–620. [Google Scholar] [CrossRef]
- Wang, D.X.; Wang, Q. Trustworthiness evidence supporting evaluation of software process trustworthiness. J. Softw. 2018, 29, 3412–3434. (In Chinese) [Google Scholar]
- Han, J.J. Risk Evaluation Based on Relationship between Function and Permission for Android App. Tianjin Univ. 2016, 15–30. [Google Scholar]
- Xu, J.F.; Wang, J.J.; Zhu, K.L.; Zhang, P.H.; Ma, Y.F. Credit index measurement method for Android application security based on AHP. J. Tsinghua Univ. 2018, 58, 2. [Google Scholar] [CrossRef]
- Li, Z.J.; Wu, C.M.; Wang, X. Assessment of Android applications risk behavior based on a sand box system. J. Tsinghua Univ. 2016, 56, 5. [Google Scholar] [CrossRef]
- Deypir, M. Entropy-based security risk measurement for Android mobile applications. Soft Comput. 2019, 23, 7303–7319. [Google Scholar] [CrossRef]
- Qing, S.H. Research progress on Android security. J. Softw. 2016, 27, 45–71. (In Chinese) [Google Scholar]
- Au, K.W.Y.; Zhou, Y.F.; Huang, Z.; Lie, D. PScout: Analyzing the Android Permission Specification. Proceedings of the 2012 ACM Conference on Computer and Communications Security; ACM: New York, NY, USA, 2012; pp. 217–228. [Google Scholar]
- Arzt, S.; Rasthofer, S.; Fritz, C.; Bodden, E.; Bartel, A.; Klein, J.; Traon, Y.L.; Octeau, D.; McDaniel, P. Flowdroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps. Acm Sigplan Not. 2014, 49, 259–269. [Google Scholar] [CrossRef]
- Attack Case. Available online: https://pan.baidu.com/s/1haAdhXTDpHvJyHywisbOjQ (accessed on 5 January 2020).
- Milner, R. Communicating and Mobile Systems the Pi-Calculus; United Kingdom at the University Press: Cambridge, UK, 1999. [Google Scholar]
- The Mobility Workbench User’s Guide. Available online: http://www.it.uu.se/profundis/mwb-dist/guide-3.122.pdf (accessed on 25 April 2020).
- DroidBench-Benchmarks. Available online: https://blogs.uni-paderborn.de/sse/tools/droidbench/ (accessed on 5 April 2020).
- APK Test Set. Available online: https://pan.baidu.com/s/1m8wC4v_ugbYH_iPPK4hgBA (accessed on 5 January 2020).
- Li, H.; Shen, L.M.; Ma, C.; Liu, M.Y. Role Behavor Detection Method of Privilege EscalationAttacks for Android Applications. Int. J. Perform. Eng. 2019, 15, 1631–1641. [Google Scholar]
F1 | F2 | F3 | F4 | F5 | F6 | |
---|---|---|---|---|---|---|
comAppA | F | F | T | F | T | T |
comAppB | T | T | T | T | T | T |
comAppC | F | T | T | T | T | T |
Formula Content | Simplified Symbols | |
---|---|---|
dangerous permissions of the components | P1(F2) | p0 |
sensitive API calls | p1 | |
component intent communication | p2 | |
sensitive data flow acquisition | p3 | |
dissemination of sensitive data | F6 | p4 |
Formula Content | Simplified Symbols | |
---|---|---|
dangerous permissions of the application | P1 | q0 |
dangerous permissions of the components | q1 | |
sensitive API calls | ||
component intent communication | q2 | |
sensitive data flow acquisition | sourceSink | q3 |
dissemination of sensitive data | filterIntent | q4 |
comAppA | comAppB | comAppC | |
---|---|---|---|
number of transitions | 1 | 2 | 1 |
X | Y | Measurement Value | |
---|---|---|---|
comAppA | 3 | 1 | 0.9816843611 |
comAppB | 6 | 2 | 0.9996645373 |
comAppC | 5 | 1 | 0.9975212478 |
Test Sets and Test Objects | F | Number of Transition | Equivalence | Measurement Results | ||||||
---|---|---|---|---|---|---|---|---|---|---|
F1 | F2 | F3 | F4 | F5 | F6 | |||||
FieldAndObje-ctSensitivity | FieldSensitivity1 | T | T | F | T | T | T | 1 | Weak | 0.997521248 |
FieldSensitivity2 | T | T | F | T | T | T | 1 | Weak | 0.997521248 | |
FieldSensitivity3 | T | T | F | T | T | T | 1 | Weak | 0.997521248 | |
FieldSensitivity4 | T | T | F | T | T | T | 1 | Weak | 0.997521248 | |
ObjectSensitivity1 | T | T | F | T | T | T | 1 | Weak | 0.997521248 | |
ObjectSensitivity2 | T | T | F | T | T | T | 2 | Weak | 0.999088118 | |
InterAppCom-munication | SendSMS | T | T | T | T | T | T | 3 | Weak | 0.99987659 |
StartActivityForResult1 | T | T | T | T | T | T | 4 | Weak | 0.9999546 | |
InterCompon-entCommunic-ation | ActivityCommunication1 | T | T | F | T | T | T | 1 | Weak | 0.997521248 |
ActivityCommunication2 | T | T | T | T | T | T | 2 | Weak | 0.999664537 | |
ActivityCommunication3 | T | T | T | T | T | T | 2 | Weak | 0.999664537 | |
ActivityCommunication4 | T | T | T | T | T | T | 2 | Weak | 0.999664537 | |
ActivityCommunication5 | T | T | T | T | T | T | 2 | Weak | 0.999664537 | |
ActivityCommunication6 | T | T | T | T | T | T | 2 | Weak | 0.999664537 | |
ActivityCommunication7 | T | T | T | T | T | T | 2 | Weak | 0.999664537 | |
ActivityCommunication8 | T | T | T | T | T | T | 2 | Weak | 0.999664537 | |
BroadcastTaintAndLeak1 | T | T | T | T | T | T | 1 | Weak | 0.999088118 | |
IntentSink1 | T | T | T | T | T | T | 1 | Weak | 0.999088118 | |
IntentSink2 | T | T | T | T | T | T | 1 | Weak | 0.999088118 | |
IntentSource1 | T | T | T | T | F | T | 1 | Weak | 0.997521248 | |
ServiceCommunication1 | T | T | F | T | T | T | 1 | Weak | 0.997521248 | |
SharedPreferences1 | T | T | F | T | T | T | 1 | Weak | 0.997521248 |
Category | Working | Daily Life | Shopping | Home Control | Medical Treatment | Finance | Examination | Browser | Tourism | Beauty | Social Networks |
---|---|---|---|---|---|---|---|---|---|---|---|
number | 3 | 3 | 3 | 2 | 3 | 3 | 3 | 1 | 2 | 1 | 3 |
category | Picture browsing | Reading | System tools | News | Home-based elderly care | Study | Exercise | Wallpaper | Plug-in unit | Entertainm-ent | Research group |
number | 3 | 1 | 3 | 3 | 3 | 3 | 3 | 1 | 2 | 2 | 3 |
Same Developer | Different Developer | |
---|---|---|
Number | 16 | 38 |
Percentage | 29.6% | 70.4% |
Constituent Attack App | Hidden Dangerous App | Non-Dangerous App | |
---|---|---|---|
Number | 21 | 19 | 14 |
Percentage | 38.9% | 35.2% | 25.9% |
Package Name | F1 | F2 | F3 | F4 | F5 | F6 | Transition Number |
---|---|---|---|---|---|---|---|
gjhs.kaoshi.namespace | T | T | T | T | T | T | 110 |
com.hzxh.likerunning | F | F | T | F | T | T | 9 |
com.example.healthmonitor | T | F | F | T | T | T | 3 |
com.vpubao.zhiyue | T | F | T | T | F | T | 0 |
com.gmail.barry2015.android.easysearch_news_cn | F | F | F | F | F | F | 0 |
… | … | … | … | … | … | … | … |
Weak Equivalence App | Non-Equivalence App | |
---|---|---|
Number | 40 | 14 |
Percentage | 74.1% | 25.9% |
Package Name | Number of Features in the Feature Set | Transition Number | Decision Result | Measurement Value |
---|---|---|---|---|
gjhs.kaoshi.namespace | 6 | 110 | weak equivalence | 1 |
com.hzxh.likerunning | 3 | 9 | weak equivalence | 0.9999938558 |
com.example.healthmonitor | 4 | 3 | weak equivalence | 0.9990881180 |
com.vpubao.zhiyue | 4 | 0 | weak equivalence | 0.9816843611 |
com.gmail.barry2015.android.easysearch_news_cn | 0 | 0 | Non-equivalence | 0 |
… | … | … | … | … |
© 2020 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).
Share and Cite
Shen, L.; Li, H.; Wang, H.; Wang, Y.; Feng, J.; Jian, Y. Risk Measurement Method for Privilege Escalation Attacks on Android Apps Based on Process Algebra. Information 2020, 11, 293. https://doi.org/10.3390/info11060293
Shen L, Li H, Wang H, Wang Y, Feng J, Jian Y. Risk Measurement Method for Privilege Escalation Attacks on Android Apps Based on Process Algebra. Information. 2020; 11(6):293. https://doi.org/10.3390/info11060293
Chicago/Turabian StyleShen, Limin, Hui Li, Hongyi Wang, Yihuan Wang, Jiayin Feng, and Yuqing Jian. 2020. "Risk Measurement Method for Privilege Escalation Attacks on Android Apps Based on Process Algebra" Information 11, no. 6: 293. https://doi.org/10.3390/info11060293
APA StyleShen, L., Li, H., Wang, H., Wang, Y., Feng, J., & Jian, Y. (2020). Risk Measurement Method for Privilege Escalation Attacks on Android Apps Based on Process Algebra. Information, 11(6), 293. https://doi.org/10.3390/info11060293