On the effectiveness of API-level access control using bytecode rewriting in Android

Hao, Hao; Singh, Vineet; Du, Wenliang

doi:10.1145/2484313.2484317

Cited by 45 publications

(26 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For Policy Manager, the main implementation detail that needs to be explained is how Policy Manager communicates with instrumented apps to enforce control policies. Java Instrumentation Java Instrumentation (or bytecode rewriting) techniques generally undergo three steps as disassembling, modifying assembly code, and reassembling [16,17,19]. They make modifications to the intermediate assembly code files (like smali [20]) generated by disassembling tools (like apktool [21]) and reassemble the modified code into a new dex file.…”

Section: Methodsmentioning

confidence: 99%

See 1 more Smart Citation

Sensor Guardian: prevent privacy inference on Android sensors

Bai

Yin

Wang

2017

EURASIP J. on Info. Security

View full text Add to dashboard Cite

Privacy inference attacks based on sensor data is an emerging and severe threat on smart devices, in which malicious applications leverage data from innocuous sensors to infer sensitive information of user, e.g., utilizing accelerometers to infer user's keystroke. In this paper, we present Sensor Guardian, a privacy protection system that mitigates this threat on Android by hooking and controlling applications' access to sensors. Sensor Guardian inserts hooks into applications by statically instrumenting their APK (short for Android Package Kit) files and enforces control policies in these hooks at runtime. Our evaluation shows that Sensor Guardian can effectively and efficiently mitigate the privacy inference threat on Android sensors, with negligible overhead during both static instrumentation and runtime control.

show abstract

Section: Methodsmentioning

confidence: 99%

“…Hao et al [19] showed the possibility that Android apps can access system services directly through IPC to evade API-level access control. To prevent such an evasion, we hook the Binder IPC to prevent apps from accessing sensors in such a direct way.…”

Section: Methodsmentioning

confidence: 99%

Sensor Guardian: prevent privacy inference on Android sensors

Bai

Yin

Wang

2017

EURASIP J. on Info. Security

View full text Add to dashboard Cite

show abstract

“…Another widely researched technique to protect Android systems is Dalvik bytecode rewriting [20]. The basic idea is to detect the portions of an application that call securitysensitive APIs and to redirect the calls to a monitor service that implements fine-grained access control.…”

Section: A System Protectionmentioning

confidence: 99%

Execute This! Analyzing Unsafe and Malicious Dynamic Code Loading in Android Applications

Poeplau¹,

Fratantonio²,

Bianchi³

et al. 2014

Proceedings 2014 Network and Distributed System Security Symposium

208

155

View full text Add to dashboard Cite

Abstract-The design of the Android system allows applications to load additional code from external sources at runtime. On the one hand, malware can use this capability to add malicious functionality after it has been inspected by an application store or anti-virus engine at installation time. On the other hand, developers of benign applications can inadvertently introduce vulnerabilities. In this paper, we systematically analyze the security implications of the ability to load additional code in Android. We developed a static analysis tool to automatically detect attempts to load external code using static analysis techniques, and we performed a large-scale study of 1,632 popular applications from the Google Play store, showing that loading external code in an insecure way is a problem in as much as 9.25% of those applications and even 16% of the top 50 free applications. We also show how malware can use code-loading techniques to avoid detection by exploiting a conceptual weakness in current Android malware protection. Finally, we propose modifications to the Android framework that enforce integrity checks on code to mitigate the threats imposed by the ability to load external code.

show abstract

“…Reference [10] adopted bytecode rewriting to implement fine-grained access control at the API level. Reference [11] proposed DroidTrack, a method for tracking the diffusion of personal information and preventing its leakage on Android device.…”

Section: Related Workmentioning

confidence: 99%

Access Control to Prevent Malicious JavaScript Code Exploiting Vulnerabilities of WebView in Android OS

Yamauchi

2015

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

SUMMARYAndroid applications that using WebView can load and display web pages. Interaction with web pages allows JavaScript code within the web pages to access resources on the Android device by using the Java object, which is registered into WebView. If this WebView feature were exploited by an attacker, JavaScript code could be used to launch attacks, such as stealing from or tampering personal information in the device. To address these threats, we propose an access control on the security-sensitive APIs at the Java object level. The proposed access control uses static analysis to identify these security-sensitive APIs, detects threats at runtime, and notifies the user if threats are detected, thereby preventing attacks from web pages.

show abstract

On the effectiveness of API-level access control using bytecode rewriting in Android

Cited by 45 publications

References 9 publications

Sensor Guardian: prevent privacy inference on Android sensors

Sensor Guardian: prevent privacy inference on Android sensors

Execute This! Analyzing Unsafe and Malicious Dynamic Code Loading in Android Applications

Access Control to Prevent Malicious JavaScript Code Exploiting Vulnerabilities of WebView in Android OS

Contact Info

Product

Resources

About