DroidChecker: analyzing android applications for capability leak

  • Authors:
  • Patrick P.F. Chan;Lucas C.K. Hui;S. M. Yiu

  • Affiliations:
  • The University of Hong Kong, Pokfulam, Hong Kong;The University of Hong Kong, Pokfulam, Hong Kong;The University of Hong Kong, Pokfulam, Hong Kong

  • Venue:
  • Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks
  • Year:
  • 2012

Quantified Score

Hi-index 0.00

Visualization

Abstract

While Apple has checked every app available on the App Store, Google takes another approach that allows anyone to publish apps on the Android Market. The openness of the Android Market attracts both benign and malicious developers. The security of the Android platform relies mainly on sandboxing applications and restricting their capabilities such that no application, by default, can perform any operations that would adversely impact other applications, the operating system, or the user. However, a recent research reported that a genuine but vulnerable application may leak its capabilities to other applications. When being leveraged, other applications can gain extra capabilities which they are not granted originally. We present DroidChecker, an Android application analyzing tool which searches for the aforementioned vulnerability in Android applications. DroidChecker uses interprocedural control flow graph searching and static taint checking to detect exploitable data paths in an Android application. We analyzed more than 1100 Android applications using DroidChecker and found 6 previously unknown vulnerable applications including the re-nowned Adobe Photoshop Express application. We have also developed a malicious application that exploits the previously unknown vulnerability found in the Adobe Photoshop Express application. We show that the malicious application, which is not granted any permissions, can access contacts on the phone with just a few lines of code.