ClickShield

Possemato, Andrea; Lanzi, Andrea; Chung, Simon P.; Lee, Wenke; Fratantonio, Yanick

doi:10.1145/3243734.3243785

Cited by 22 publications

(2 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Along with the overlay based attacks, there is also a large body of work proposing defense solutions. Possemato et al [61] surveyed 60 apps to understand how realworld apps use overlays. The derived insights (e.g., overlays at the margins are typically not problematic) can be utilized to detect suspicious overlaps potentially exploited for clickjacking purposes.…”

Section: Related Workmentioning

confidence: 99%

Beyond the Surface: Uncovering the Unprotected Components of Android Against Overlay Attack

Zhou,

Wu,

Qian

et al. 2024

Proceedings 2024 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

Overlay is a notable user interface feature in the Android system, which allows an app to draw over other apps' windows. While overlay enhances user experience and allows concurrent app interaction, it has been extensively abused for malicious purposes, such as "tapjacking", leading to so-called overlay attacks. In order to combat this threat, Google introduced a dedicated window flag SYSTEM_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS to protect critical system apps' windows against overlay attacks. Unfortunately, the adequacy of such protection in the Android system remains unstudied, with a noticeable absence of clear usage guidelines.To bridge the gap, in this paper, we conduct the first systematic study on the unprotected windows of system apps against overlay attacks. We propose a comprehensive guideline and then design and develop a new tool named OverlayChecker to identify the missing protections in Android system apps. To verify the uncovered issues, we also design and create Proof-of-Concept apps. After applying OverlayChecker to 8 commercial Android systems on 4 recently released Android versions, we totally discovered 49 vulnerable system apps' windows. We reported our findings to the mobile vendors, including Google, Samsung, Vivo, Xiaomi, and Honor. At the time of writing, 15 of them have been confirmed. 5 CVEs have been assigned, and 3 of them are rated high severity. We also received bug bounty rewards from these mobile vendors.

show abstract

Section: Related Workmentioning

confidence: 99%

Beyond the Surface: Uncovering the Unprotected Components of Android Against Overlay Attack

Zhou,

Wu,

Qian

et al. 2024

Proceedings 2024 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

show abstract

“…Using static analysis for detecting authentication. Static analysis techniques have been extensively used in previous work, for instance for detecting malicious application logic on Android or Web application [9,15,22], and for detecting privacy leaks in both iOS [14] and Android [16] apps. Closely related to ours is the work of Shao et al, which studies the presence of authentication in the use of Unix domain sockets on Android [25].…”

Section: Related Workmentioning

confidence: 99%

Detecting (absent) app-to-app authentication on cross-device short-distance channels

Cristalli

Bruschi

et al. 2019

Proceedings of the 35th Annual Computer Security Applications Conference

Self Cite

View full text Add to dashboard Cite

Short-distance or near-field communication is increasingly used by mobile apps for interacting or exchanging data in a cross-device fashion. In this paper, we identify a security issue, namely crossdevice app-to-app communication hijacking (or CATCH), that affect Android apps using short-distance channels (e.g., Bluetooth and Wi-Fi-Direct). This issue causes unauthenticated or malicious appto-app interactions even when the underlying communication channels are authenticated and secured. In addition to discovering the security issue, we design an algorithm based on data-flow analysis for detecting the presence of CATCH in Android apps. Our algorithm checks if a given app contains an app-to-app authentication scheme, necessary for preventing CATCH. We perform experiments on a set of Android apps and show the CATCH problem is always present on the whole analyzed applications set. We also discuss the impact of the problem in real scenarios by presenting two real case studies. At the end of the paper we reported limitations of our model along with future improvements. CCS CONCEPTS • Security and privacy → Authentication; Mobile and wireless security; Software and application security.

show abstract

Vestige: Identifying Binary Code Provenance for Vulnerability Detection

Cui

Huang

2021

Applied Cryptography and Network Security

View full text Add to dashboard Cite

ClickShield

Cited by 22 publications

References 8 publications

Beyond the Surface: Uncovering the Unprotected Components of Android Against Overlay Attack

Beyond the Surface: Uncovering the Unprotected Components of Android Against Overlay Attack

Detecting (absent) app-to-app authentication on cross-device short-distance channels

Vestige: Identifying Binary Code Provenance for Vulnerability Detection

Contact Info

Product

Resources

About