Tongxin xuebao (Nov 2014)

Research of discovering vulnerabilities of NFC applications on Android platform

  • Zhi-qiang WANG,
  • Qi-xu LIU,
  • Yu-qing ZHANG

Journal volume & issue
Vol. 35
pp. 117 – 123

Abstract

Read online

To improve the security of NFC technology,a research is done for discovering NDEF vulnerabilities of NFC applications on Android platform,and a method of bug hunting is proposed on based Fuzzing technology.The method adopts manual craft,the generation and the mutation strategies to construct test cases,and uses two assistant means of analyzing and constructing test cases,including reverse message anylysis and packet sniffing.Then,NFC applications’ vulnerabilities with constructed test cases and output results are discovered.According to the method,a system called ANDEFVulFinder is developed for discovering the security vulnerabilities of NFC applications.The tool logcat and process monitoring are used to monitor targets’ exceptions during the discovering process,and the test is automated

Keywords