DaVinci: Android App Analysis Beyond Frida via Dynamic System Call Instrumentation

Druffel, Alexander; Heid, Kris

doi:10.1007/978-3-030-61638-0_26

Cited by 8 publications

(7 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…[96]- [101]. Hence, the suspicious usage of these toolkits needs to be detected and stopped automatically to avoid any kind of cyberattacks.…”

Section: Prevention Of Development and Engineering Toolkits Misusementioning

confidence: 99%

Towards the Advancement of Cashless Transaction: A Security Analysis of Electronic Payment Systems

Moon¹,

Shamsuzzaman²,

Mridha³

et al. 2022

JCC

View full text Add to dashboard Cite

In recent decades, day-to-day lifestyle requires online payments as easy and simple solutions to several financial transactions, which makes the concept of Electronic payment Systems very popular in the growth of a cashless society. In fact, cashless transactions through simple mobile apps are not merely a concept anymore rather are implemented robustly and being used extensively. On the dark side, obvious financial benefits are making these apps vulnerable to being attacked, which can be successful through security breaches. These cybersecurity issues need to be traced out and resolved to make the financial transactions through an app secure and trustworthy. In this paper, several related papers are analyzed to trace out possible cybersecurity issues in the domain of Electronic Transaction System. The objective is to establish sufficient theoretical background to propose methodologies for measuring security issues and also identify the security strength of any FinTech application and provide standard security metrics.

show abstract

“…[96]- [101]. Hence, the suspicious usage of these toolkits needs to be detected and stopped automatically to avoid any kind of cyberattacks.…”

Section: Prevention Of Development and Engineering Toolkits Misusementioning

confidence: 99%

Towards the Advancement of Cashless Transaction: A Security Analysis of Electronic Payment Systems

Moon¹,

Shamsuzzaman²,

Mridha³

et al. 2022

JCC

View full text Add to dashboard Cite

show abstract

“…Balinsky et al [16] describe a method to prevent data leaks with system call interception and DAVINCI [17] uses system call hooking to build a fully transparent dynamic analysis tool for Android apps. Somy et al [18] propose a sandbox architecture for serverless functions based on system call monitoring and whitelisting.…”

Section: Related Workmentioning

confidence: 99%

Unobtrusive Mechanism Interception

Lampe

Sommer

Sterz

et al. 2022

2022 IEEE 47th Conference on Local Computer Networks (LCN)

View full text Add to dashboard Cite

Networked systems and applications are often based on proprietary hardware/software components that manufacturers might not be willing to adapt or update if new requirements arise. We present mechanism interception, a novel approach to unobtrusively add or modify functionality to/of an existing networked system or application without touching any proprietary components. Behavioral changes are achieved by functionality-enhancing yet unobtrusive interceptors, i.e., components introduced between systems and their environments adding or updating mechanisms. We illustrate our approach by unobtrusively adding a vertical handover mechanism between Wi-Fi and LTE to a mobile end device without disconnecting TCP sessions. Our results indicate that mechanism interception is a compelling approach to achieve improved service quality and provide previously unavailable functionality.

show abstract

“…As far as we know, there are few academic works describing or discussing specific antifrida techniques. Druffel et al [17] explains that interception can be bypassed with inline assembly system calls. They present DaVinci, an Android kernel space tool for dynamic application analysis.…”

Section: Related Workmentioning

confidence: 99%

Detecting and bypassing frida dynamic function call tracing: exploitation and mitigation

Soriano-Salvador

Guardiola-Múzquiz

2022

J Comput Virol Hack Tech

View full text Add to dashboard Cite

Frida is a powerful dynamic analysis tool that uses different mechanisms to hijack the control flow of the analyzed process and is capable of communicating with external tools. The code of the process is manipulated to intercept the function calls and analyze them. Frida is * This work is partially funded under the Proyectos de Generación de Conocimiento 2021 call of Ministry of Science and Innovation of Spain co-funded by the European Union, project PID2021-126592OB-C22 CASCAR/DMARCE. commonly used to analyze suspicious programs and malware. Nevertheless, the function call interception mechanisms can be circumvented by malicious code. In this paper, we describe the different techniques to detect Frida and a novel technique to bypass those interception mechanisms. We also describe a generic mitigation method based on standard Linux capabilities, specifically the Page Table Entry (PTE) inspection mechanisms. This method is generic and does not depend on specialized hardware. Finally, we present an open source implementation, gopper, a lightweight stand-alone tool that watches a process to detect anomalous and suspicious behaviors without interference.

show abstract

DaVinci: Android App Analysis Beyond Frida via Dynamic System Call Instrumentation

Cited by 8 publications

References 8 publications

Towards the Advancement of Cashless Transaction: A Security Analysis of Electronic Payment Systems

Towards the Advancement of Cashless Transaction: A Security Analysis of Electronic Payment Systems

Unobtrusive Mechanism Interception

Detecting and bypassing frida dynamic function call tracing: exploitation and mitigation

Contact Info

Product

Resources

About