Privilege Escalation Attacks on Android

Davi, Lucas; Dmitrienko, Alexandra; Sadeghi, Ahmad‐Reza; Winandy, Marcel

doi:10.1007/978-3-642-18178-8_30

Cited by 278 publications

(187 citation statements)

References 12 publications

Supporting

Mentioning

187

Contrasting

Order By: Relevance

“…In such models, extra controls are implemented in order to prevent the called instance from being used as a deputy of an unprivileged component [22]. The issues just discussed were originally presented in [22,28,31] but referred to earlier versions of the Android platform and used different approaches to perform their analysis. Since our formalism fully captures both the interaction between components and the execution of API calls in the Android system we are convinced that the latest versions of the platform are still vulnerable to this kind of privilege escalation problems.…”

Section: Privilege Escalationmentioning

confidence: 99%

Formal Analysis of Android's Permission-Based Security Model

Betarte¹,

Campo²,

Luna³

et al. 2016

SACS

View full text Add to dashboard Cite

In this work we present a comprehensive formal specification of an idealized formulation of Android's permission model. Permissions in Android are basically tags that developers declare in their applications, more precisely in the so-called application manifest, to gain access to sensitive resources. Several analyses have recently been carried out concerning the security of the Android system. Few of them, however, pay attention to the formal aspects of the permission enforcing framework. We provide a complete and uniform formulation of several security properties using the higher order logic of the Calculus of Inductive Constructions and sketch the proofs that have been developed and verified using the Coq proof assistant. We also analyze how the changes introduced in the latest version of Android, that allows to manage permissions at runtime, impact the presented model.

show abstract

Section: Privilege Escalationmentioning

confidence: 99%

Formal Analysis of Android's Permission-Based Security Model

Betarte¹,

Campo²,

Luna³

et al. 2016

SACS

View full text Add to dashboard Cite

show abstract

“…Privilege escalation attack, an IAC vulnerability, has been studied by a large body of works [3,6,8]. Davi et al [6] show that a genuine app can be exploited at runtime and a malicious app can escalate granted permissions.…”

Section: Related Workmentioning

confidence: 99%

“…Davi et al [6] show that a genuine app can be exploited at runtime and a malicious app can escalate granted permissions. Prominent examples of privilege escalation attacks are confused deputy and collusion attacks [3].…”

Section: Related Workmentioning

confidence: 99%

ApkCombiner: Combining Multiple Android Apps to Support Inter-App Analysis

Bartel

Bissyandé

et al. 2015

ICT Systems Security and Privacy Protection

View full text Add to dashboard Cite

Abstract. Android apps are made of components which can leak information between one another using the ICC mechanism. With the growing momentum of Android, a number of research contributions have led to tools for the intra-app analysis of Android apps. Unfortunately, these state-of-the-art approaches, and the associated tools, have long left out the security flaws that arise across the boundaries of single apps, in the interaction between several apps. In this paper, we present a tool called ApkCombiner which aims at reducing an inter-app communication problem to an intra-app inter-component communication problem. In practice, ApkCombiner combines different apps into a single apk on which existing tools can indirectly perform inter-app analysis. We have evaluated ApkCombiner on a dataset of 3,000 real-world Android apps, to demonstrate its capability to support static context-aware inter-app analysis scenarios.

show abstract

“…Privilege escalation is another important problem in Android. Previous works [54,29,32,33,34,40] propose a serious of attacks by leveraging on unguarded public interfaces in vulnerable Android applications. However, Clipboard, as a system public interface with no protection, is overlooked by all of them.…”

Section: Android System Securitymentioning

confidence: 99%

Attacks on Android Clipboard

Zhang

2014

Detection of Intrusions and Malware, and Vulnerability Assessment

View full text Add to dashboard Cite

Abstract. In this paper, we perform a thorough study on the risks imposed by the globally accessible Android Clipboard. Based on the risk assessment, we formulate a series of attacks and categorize them into two groups, i.e., manipulation and stealing. Clipboard data manipulation may lead to common code injection attacks, like JavaScript injection and command injection. Furthermore, it can also cause phishing attacks, including web phishing and app phishing. Data stealing happens when sensitive data copied into the clipboard is accessed by malicious applications. For each category of attack, we analyze a large number of candidate apps and show multiple case studies to demonstrate its feasibility. Also, our app analysis process is formulated to benefit future app development and vulnerability detection. After a comprehensive exposure of the risk, we briefly discuss some potential solutions.

show abstract

Privilege Escalation Attacks on Android

Cited by 278 publications

References 12 publications

Formal Analysis of Android's Permission-Based Security Model

Formal Analysis of Android's Permission-Based Security Model

ApkCombiner: Combining Multiple Android Apps to Support Inter-App Analysis

Attacks on Android Clipboard

Contact Info

Product

Resources

About