Protection against Code Obfuscation Attacks Based on Control Dependencies in Android Systems

Graa, Mariem; Boulahia, Nora Cuppens; Cuppens, Frédéric; Cavalliy, Ana

doi:10.1109/sere-c.2014.33

Cited by 11 publications

(6 citation statements)

References 13 publications

(15 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We prove the correctness and completeness of these rules and we propose a correct and complete algorithm to solve the under tainting problem [13]. In [14], we show that our approach can resist to code obfuscation attacks based on control dependencies in the Android system using the taint propagation rules. But, we do not evaluate the overhead and effectiveness of our approach and do not test a real Android applications.…”

Section: Related Workmentioning

confidence: 90%

Detection of Illegal Control Flow in Android System: Protecting Private Data Used by Smartphone Apps

Graa

Cuppens-Boulahia

Cuppens

et al. 2015

Foundations and Practice of Security

Self Cite

View full text Add to dashboard Cite

Abstract. Today, security is a requirement for smartphone operating systems that are used to store and handle sensitive information. However, smartphone users usually download third-party applications that can leak personal data without user authorization. For this reason, the dynamic taint analysis mechanism is used to control the manipulation of private data by third-party apps [9]. But this technique does not detect control flows. In particular, untrusted applications can circumvent Android system and get privacy sensitive information through control flows. In this paper, we propose a hybrid approach that combines static and dynamic analysis to propagate taint along control dependencies in Android system. To evaluate the effectiveness of our approach, we analyse 27 free Android applications. We found that 14 of these applications use control flows to transfer sensitive data. We successfully detect that 8 of them leaked private information. Our approach creates 19% performance overhead that is due to the propagation of taint in the control flow. By using our approach, it becomes possible to detect leakage of personal data through control flows.

show abstract

Section: Related Workmentioning

confidence: 90%

Detection of Illegal Control Flow in Android System: Protecting Private Data Used by Smartphone Apps

Graa

Cuppens-Boulahia

Cuppens

et al. 2015

Foundations and Practice of Security

Self Cite

View full text Add to dashboard Cite

show abstract

“…We have proposed in a previous work [10] an enhancement of the TaintDroid approach that propagates taint along control dependencies to track implicit flows in smartphones. We have shown that our previous approach can resist to code obfuscation attacks based on control dependencies in the Android system.…”

Section: Discussionmentioning

confidence: 99%

“…We are interested in these attacks because they are the most important attacks presented by siwar and al. and the other attacks are already detected [10]. We present in this section examples of these side channel attacks.…”

Section: Side Channels Attacksmentioning

confidence: 95%

Detection of Side Channel Attacks Based on Data Tainting in Android Systems

Graa

Cuppens-Boulahia

Cuppens

et al. 2017

IFIP Advances in Information and Communication Technology

Self Cite

View full text Add to dashboard Cite

Part 4: Operating System and Firmware SecurityInternational audienceMalicious third-party applications can leak personal data stored in the Android system by exploiting side channels. TaintDroid uses a dynamic taint analysis mechanism to control the manipulation of private data by third-party apps [9]. However, TaintDroid does not propagate taint in side channels. An attacker can exploit this limitation to get private data. For example, Sarwar et al. [2] present side channel class of attacks using a medium that might be overlooked by the taint-checking mechanism to extract sensitive data in Android system. In this paper, we enhance the TaintDroid system and we propagate taint in side channels using formal policy rules. To evaluate the effectiveness of our approach, we analyzed 100 free Android applications. We found that these applications use different side channels to transfer sensitive data. We successfully detected that $$35\%$$35% of them leaked private information through side channels. Also, we detected Sarwar et al. [2] side channel attacks. Our approach generates $$9\%$$9% of false positives. The overhead given by our approach is acceptable in comparison to the one obtained by TaintDroid (9% overhead)

show abstract

“…The main idea here is to add data tainting rules in order to track more data-flow and control-flow dependencies. The results are however mitigated: the obtained taint analyses contain indeed a lot of false positive data dependencies, and are thus over-tainted [33]. In the end, even if this approach gives interesting results on specific malwares, it does not lead to taint policies implementing very precise and scalable analyses.…”

Section: Introductionmentioning

confidence: 99%

“…Even if dynamic data tainting tools have become very popular, their ability to analyze information flows remains limited: recent works [31], [32], [33], [34] present malware implementing techniques preventing efficient data taint analysis. These malwares are obfuscated, so that their control flow and data flow are much more complex to reverse engineer.…”

Section: Introductionmentioning

confidence: 99%