Skip to main content
Ontario Tech acknowledges the lands and people of the Mississaugas of Scugog Island First Nation.

We are thankful to be welcome on these lands in friendship. The lands we are situated on are covered by the Williams Treaties and are the traditional territory of the Mississaugas, a branch of the greater Anishinaabeg Nation, including Algonquin, Ojibway, Odawa and Pottawatomi. These lands remain home to many Indigenous nations and peoples.

We acknowledge this land out of respect for the Indigenous nations who have cared for Turtle Island, also called North America, from before the arrival of settler peoples until this day. Most importantly, we acknowledge that the history of these lands has been tainted by poor treatment and a lack of friendship with the First Nations who call them home.

This history is something we are all affected by because we are all treaty people in Canada. We all have a shared history to reflect on, and each of us is affected by this history in different ways. Our past defines our present, but if we move forward as friends and allies, then it does not have to define our future.

Learn more about Indigenous Education and Cultural Services

January 20, 2016

Speaker: Di Tian, Ontario Tech University

Title: Detecting Vulnerabilities of Broadcast Receivers in Android Applications

Abstract: As being a representative mobile operating system in the world, Android OS has been part of users' daily life. Unfortunately, the rapid expansion of Android third-markets introduces malware aiming at Android applications at an alarming rate, which poses great threats to its users. Current research about the privacy leakage in Android mostly focuses on Activity, Service and Content Providers. Little attention has been paid to the vulnerability of Broadcast Receiver, which is expected to assist inter-component collaboration and facilitate component reutilization.

In this thesis, we first present a detailed analysis on vulnerabilities of Broadcast Receiver. Then, we design and develop a Broadcast Receiver Vulnerability Detection (BRVD) system that examines such vulnerabilities, using a combination of semantic analysis and taint analysis. Furthermore, we perform experimental evaluation by analyzing 55 applications from Android third-markets using the proposed system; and 132 registered receivers are found with 11 vulnerable receivers being verified. By helping protect the user's information, we believe the proposed analysis will be beneficial to the Android ecosystem.