Xiaobo Xiang
Chinese Academy of Sciences
8 Papers
9 Citations
Xiaobo Xiang is an academic researcher from Chinese Academy of Sciences. The author has contributed to research in topics: Computer science & Android (operating system). The author has an hindex of 2, co-authored 5 publications.
Chat about Author
Papers
Memory access integrity: detecting fine-grained memory access errors in binary code
TL;DR: Memory Access Integrity (MAI) is proposed, a dynamic method to detect fine-grained memory access errors in off-the-shelf binary executables and maintains a new memory model to simulate the life cycle of memory objects and report errors when any accessing policy is violated.
Ghost in the Binder: Binder Transaction Redirection Attacks in Android System Services
Xiaobo Xiang,Ren Zhang,Hanxiang Wen,Xiaorui Gong,Baoxu Liu +4 more
- 12 Nov 2021
TL;DR: In this article, the authors propose the Binder Transaction Redirection (BiTRe) attacks, where the attacker induces the system service to transact with a customized Binder server and then attacks from the server.
4
SEPAL: Towards a Large-scale Analysis of SEAndroid Policy Customization
Dongsong Yu,Guangliang Yang,Guozhu Meng,Xiaorui Gong,Xiu Zhang,Xiaobo Xiang,Xiaoyu Wang,Yue Jiang,Kai Chen,Wei Zou,Wenke Lee,Wenchang Shi +11 more
TL;DR: Zhang et al. as mentioned in this paper proposed SEPAL, a universal tool to automatically retrieve and examine the customized policy rules, and applied the NLP technique and employed and trained a wide&deep model to quickly and precisely predict whether one rule is unregulated or not.
Breaking the Trust Circle in HarmonyOS by Chaining Multiple Vulnerabilities
Xiaobo Xiang,Xiu Zhang,Qinglei Guo,Xiaorui Gong,Baoxu Liu +4 more
- 01 Feb 2023
TL;DR: Huawei's 1+8+N strategy is a popular solution for the Internet of Everything as mentioned in this paper , but despite many security measures adopted in the protocols related to the trust circle service, still find 0day vulnerabilities.
AppChainer: investigating the chainability among payloads in android applications
Xiaobo Xiang,Yue Jiang,Qinglei Guo,Xiu Zhang,Xiaorui Gong,Baoxu Liu +5 more
TL;DR: A formal model to elucidate the relations between multiple bugs in Android applications is presented and a prototype system named AppChainer is designed and implemented to prove the effectiveness of the model.