All Your Sessions Are Belong to Us: Investigating Authenticator Leakage through Backup Channels on Android

Bai, Guangdong; Sun, Jun; Wu, Jiankang; Ye, Quanqi; Li, Li; Dong, Jin Song; Guo, Shanqing

doi:10.1109/iceccs.2015.17

Cited by 12 publications

(4 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, many authentication and access control schemes have proven to be ineffective in preventing malware. For example, the secrets used by authentication can be stolen/guessed by an adversary if the COTS device is compromised [53,5]. Adversaries can also use social engineering techniques to trick the operators into disclosing private credentials to bypass access control measures [54].…”

Section: Standard Endpoint Securitymentioning

confidence: 99%

Position Paper: On Using Trusted Execution Environment to Secure COTS Devices for Accessing Industrial Control Systems

Ye¹,

Tan²,

Mashima³

et al. 2021

Preprint

Self Cite

View full text Add to dashboard Cite

Industrial Control Systems (ICS) are traditionally designed to operate in an "air-gapped" environment. With the advent of digital technologies, many ICS are adopting IT solutions to improve interoperability and operational efficiency. Thus, the air-gap assumption no longer holds in practice. Most ICS devices today are modernized with networking capabilities to facilitate system maintenance, upgrades, and troubleshooting. Since these devices are connected to the Internet, ICS networks face the same security threats as regular IT systems. In addition, ICS operators can connect commercial off-the-shelf (COTS) equipment to ICS networks to perform operational tasks. Those COTS devices are usually personal computers or even mobile devices, which can be infected with malware and become weapons against ICS. In this position paper, we examine the design challenges of establishing trust between COTS equipment and ICS. We also present some commonly used security solutions and discuss their deployment challenges due to issues caused by legacy systems. Finally, we introduce the Trusted Execution Environment (TEE), a technology commonly available on modern COTS devices, as a trust anchor for establishing secure communications with the ICS infrastructure. We discuss some research gaps related to the use of TEE and propose some recommendations to guide future research.

show abstract

Section: Standard Endpoint Securitymentioning

confidence: 99%

Position Paper: On Using Trusted Execution Environment to Secure COTS Devices for Accessing Industrial Control Systems

Ye¹,

Tan²,

Mashima³

et al. 2021

Preprint

Self Cite

View full text Add to dashboard Cite

show abstract

“…Since the password is proved to be generated by proxy, there must be a place that the proxy stored the code at somewhere that the app with user privilege could access and read. This idea was generated by recalling the analysis on a backup app called "Helium" in paper of Bai et al [23]. After a series of searching initiated by this idea, we finally located the password in a log file named videoserv.log under the directory data/local/tmp, and luckily found the first occurrence of the current password was always after the word "AUTH" in the log file.…”

Section: Dynamic Analysis On Socket Channelmentioning

confidence: 99%

“…Unlike the back-up app named Helium mentioned in the paper of Bai, et al [23], app II doesn't implement a dynamic identity schemes. That means the exploitation of app II in this project, could be conducted in a very straight forward manner.…”

Section: Exploitationmentioning

confidence: 99%

“…What developer can do to secure the communication is only applying some basic authentication since there is no way to enforce strong protection onto the socket network. That authentication is usually very weak in front of analysis [23]. Some application like "Helium", a backup/restore application mentioned in the paper written by Bai, et al, has been found using protection during the communication between application and ADB proxy.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Analyzing Use of High Privileges on Android: An Empirical Case Study of Screenshot and Screen Recording Applications

Meng,

Bai,

Liu

et al. 2018

Preprint

Self Cite

View full text Add to dashboard Cite

The number of Android smartphone and tablet users has experienced a rapid growth in the past few years and it raises users' awareness on the privacy and security of their mobile devices. The features of openness and extensibility make Android unique, attractive and competitive but meanwhile vulnerable to malicious attack. There are lots of users rooting their Android devices for some useful functions, which are not originally provided to developers and users, such as backup and taking screenshot. However, after observing the danger of rooting devices, the developers begin to look for other non-root alternatives to implement those functions. ADB workaround is one of the best known non-root alternatives to help app gain higher privilege on Android. It used to be considered as a secure practice until some cases of ADB privilege leakage have been found. In this project, we design an approach and implement a couple of tools to detect the privilege leakage in Android apps. We apply them to analyse three real-world apps with millions of users, and successfully identify three ADB privilege leaks from them. Moreover, we also conduct an exploitation of the ADB privilege in one app, and therefore we prove the existence of vulnerabilities in ADB workaround. Based on out study, we propose some suggestion to help developers create their apps that could not only satisfy users' needs but also protect users' privacy from similar attacks in future.

show abstract

Analyzing Use of High Privileges on Android: An Empirical Case Study of Screenshot and Screen Recording Applications

Meng

Bai

Liu

et al. 2019

Information Security and Cryptology

View full text Add to dashboard Cite

All Your Sessions Are Belong to Us: Investigating Authenticator Leakage through Backup Channels on Android

Cited by 12 publications

References 8 publications

Position Paper: On Using Trusted Execution Environment to Secure COTS Devices for Accessing Industrial Control Systems

Position Paper: On Using Trusted Execution Environment to Secure COTS Devices for Accessing Industrial Control Systems

Analyzing Use of High Privileges on Android: An Empirical Case Study of Screenshot and Screen Recording Applications

Analyzing Use of High Privileges on Android: An Empirical Case Study of Screenshot and Screen Recording Applications

Contact Info

Product

Resources

About