Understanding Android Security
IEEE Security and Privacy
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Privilege escalation attacks on android
ISC'10 Proceedings of the 13th international conference on Information security
Analyzing inter-application communication in Android
MobiSys '11 Proceedings of the 9th international conference on Mobile systems, applications, and services
Android permissions demystified
Proceedings of the 18th ACM conference on Computer and communications security
Proceedings of the 18th ACM conference on Computer and communications security
A framework for static detection of privacy leaks in android applications
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Reducing attack surfaces for intra-application communication in android
Proceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices
PScout: analyzing the Android permission specification
Proceedings of the 2012 ACM conference on Computer and communications security
CHEX: statically vetting Android apps for component hijacking vulnerabilities
Proceedings of the 2012 ACM conference on Computer and communications security
ANDROMEDA: accurate and scalable security analysis of web applications
FASE'13 Proceedings of the 16th international conference on Fundamental Approaches to Software Engineering
Hi-index | 0.00 |
The Android® operating system builds upon already well-established permission systems but complements them by allowing application components to be reused within and across applications through a single communication mechanism, called the Intent mechanism. In this paper, we describe techniques that we developed for statically detecting Android application vulnerability to attacks that obtain unauthorized access to permission-protected information. We address three kinds of such attacks, known as confused deputy, permission collusion, and Intent spoofing. We show that application vulnerability to these attacks can be detected using taint analysis. Based on this technique, we developed PermissionFlow, a tool for discovering vulnerabilities in the byte code and configuration of Android applications. To enable PermissionFlow analysis, we developed a static technique for automatic identification of permission-protected information sources in permission-based systems. This technique identifies application programming interfaces (APIs) whose execution leads to permission checking and considers these APIs to be sources of taint. Based on this approach, we developed Permission Mapper, a component of PermissionFlow that improves on previous work by performing fully automatic identification of such APIs for Android Java® code. Our automated analysis of popular applications found that 56% of the most popular 313 Android applications actively use intercomponent information flows. Among the tested applications, PermissionFlow found four exploitable vulnerabilities. By helping ensure the absence of inter-application permission leaks, we believe that the proposed analysis will be highly beneficial to the Android ecosystem and other mobile platforms that may use similar analyses in the future.