Android平台NFC应用漏洞挖掘技术研究

doi:10.3969/j.issn.1000-436x.2014.z2.016

Journal on Communications ›› 2014, Vol. 35 ›› Issue (Z2): 117-123.doi: 10.3969/j.issn.1000-436x.2014.z2.016

• Papers • Previous Articles Next Articles

Research of discovering vulnerabilities of NFC applications on Android platform

Zhi-qiang WANG¹,Qi-xu LIU²,Yu-qing ZHANG²

¹ State Key Laboratory of Integrated Services Networks,Xidian University,Xi’an 710071,China
² National Computer Network Intrusion Protection Center,University of Chinese Academy of Sciences,Beijing 101408,China

Online:2014-11-25 Published:2017-06-19
Supported by:
The National Natural Science Foundation of China;The National Natural Science Foundation of China;The National Development and Reform Commission Special Notice of Information Security

Abstract

Abstract:

To improve the security of NFC technology,a research is done for discovering NDEF vulnerabilities of NFC applications on Android platform,and a method of bug hunting is proposed on based Fuzzing technology.The method adopts manual craft,the generation and the mutation strategies to construct test cases,and uses two assistant means of analyzing and constructing test cases,including reverse message anylysis and packet sniffing.Then,NFC applications’ vulnerabilities with constructed test cases and output results are discovered.According to the method,a system called ANDEFVulFinder is developed for discovering the security vulnerabilities of NFC applications.The tool logcat and process monitoring are used to monitor targets’ exceptions during the discovering process,and the test is automated

Key words: near field communication, mobile devices, Fuzzing, vulnerability discovering

Zhi-qiang WANG,Qi-xu LIU,Yu-qing ZHANG. Research of discovering vulnerabilities of NFC applications on Android platform[J]. Journal on Communications, 2014, 35(Z2): 117-123.

Figures/Tables 6

References 8

[1]	MADLMAYR G , KANTNER C , GRECHENIG T . Secure Smart Embedded Devices,Platforms and Applications[M]. New York: SpringerPress, 2014: 351-367.
[2]	COSKUN V , OZDENIZCI B , OK K . A survey on near field communication (NFC) technology[J]. Wireless Personal Communications, 2013,71(3): 2259-2294.
[3]	MULLINER C . Vulnerability analysis and attacks on NFC-enabled mobile phones[A]. Proceedings of the 2009 IEEE International Conference on Availability,Reliability and Security(ARES'09)[C]. Fukuoka,Japan, 2009. 695-700.
[4]	MILLER C . Exploring the NFC attack surface[EB/OL]. .
[5]	WIEDERMANN N . Fuzzing-to-go:A test framework for Android devices[D]. Technische Universit?t München, 2012.
[6]	GUMMESON J J , PRIYANTHA B , GANESAN D ,et al. EnGarde:Protecting the mobile phone from malicious NFC interactions[A]. Proceeding of the 11th ACM annual international conference on Mobile systems,applications,and services(MobiSys’13)[C]. Taipei,China, 2013. 445-458.
[7]	NFC Forum . NFC Data Exchange Format (NDEF) Technical Specification[S]. 2006.
[8]	SUTTON M , GREENE A , AMINI P . Fuzzing:brute force vulnerability discovery[M]. New Jersey: Pearson EducationPress, 2007.

Metrics

Recommended 0

No Suggested Reading articles found!

类型	值
整型值	零值、负值与边界值：0x00,0x01,0x7F,0x80,0xFE,0xFF;0x0000,0x0001,0x7FFF,0x8000,0xFFFE,0xFFFF
字符串	长字符串：AAA…,BBB…;格式化字符串：%s,%n,%s,%x,%n%s,…
目录遍历	～/,/…,../../,\.,\..,..\..\,…
分隔符及其他	0x0A,0x1C～0x1F,0x20～0x2F,0x3A～0x40,0x5B～0x60,0x7B～0x7E

测试目标	版本	开发者
MIUI	4.1.17	谷歌/小米
TagInfo	2.00	NXP公司
TagWriter	2.3	NXP公司
NFC标签助手	1.05	上海复旦微电子集团
NFC Detail!	0.5	U＆I Reseach Lab
小木公交	3.0	Share More Studio
NFC Developer	2.1.1	Thomas Rorvik Skjolberg

方案	测试用例构造	监控手段	移植性	自动化	漏洞
文献[3]	手工构造	人工	—	—	标签内容欺骗、URL欺骗、NFC应用拒绝服务等漏洞
文献[4]	采用基于生成或基于变异的策略	logcat监控	好	高	NFC Service拒绝服务、URL欺骗、蓝牙配对等漏洞
文献[5]	基于生成的策略	Sulley进程监控	差	高	NFC Service拒绝服务、TagInfo等应用拒绝服务漏洞
ANDEFVulFinder	手工构造、基于生成和基于变异的策略	Logcat监控和top进程监控	好	高	NFC Service拒绝服务、URL欺骗、NFC应用的拒绝服务、蓝牙配对、NFC设计缺陷等漏洞

Research of discovering vulnerabilities of NFC applications on Android platform

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 6

References 8

Related Articles 8

Metrics

Recommended 0

[1]	Chunfu JIA,Shengbo YAN,Zhi WANG,Chenlu WU,Hang LI. Method to improve edge coverage in fuzzing [J]. Journal on Communications, 2019, 40(11): 76-85.
[2]	De-guang LE,Sheng-rong GONG,Shao-gang WU,Feng XU,Wen-sheng LIU. Research on RTF array overflow vulnerability detection [J]. Journal on Communications, 2017, 38(5): 96-107.
[3]	Xi CHEN,You-liang TIAN,Zhuo MA,Jian-feng MA. Research on security of mobile payment for commercial bank [J]. Journal on Communications, 2014, 35(Z2): 131-139.
[4]	. Research of discovering vulnerabilities of NFC applications on Android platform [J]. Journal on Communications, 2014, 35(Z2): 16-123.
[5]	. Research on security of mobile payment for commercial bank [J]. Journal on Communications, 2014, 35(Z2): 18-139.
[6]	Ying WANG,Yi-xian YANG,Xin-xin NIU,Li-ze GU. Smart Fuzzing method based on comparison algorithm of control flow sequences [J]. Journal on Communications, 2013, 34(4): 114-121.
[7]	. Smart fuzzing method based on comparison algorithm of control flow sequences [J]. Journal on Communications, 2013, 34(4): 13-121.
[8]	Rui-xuan LI,Xin-hua DONG,Xi-wu GU,Wan-wan ZHOU,Cong WANG. Overview of the data security and privacy-preserving of mobile cloud services [J]. Journal on Communications, 2013, 34(12): 158-166.