NativeX: Native Executioner Freezes Android Qinsheng Hou Yao Cheng Lingyun Ying∗ QI-ANXIN Technology Research Huawei International QI-ANXIN Technology Research Institute Singapore, Singapore Institute Legendsec Information Technology
[email protected] University of Chinese Academy of (Beijing) Inc. Sciences Beijing, China Beijing, China
[email protected] [email protected] ABSTRACT Taipei, Taiwan. ACM, New York, NY, USA, 13 pages. https://doi.org/10.1145/ Android is a Linux-based multi-thread open-source operating 3320269.3384713 system that dominates 85% of the worldwide smartphone market share. Though Android has its established management for its 1 INTRODUCTION framework layer processes, we discovered for the first time that the Android is a Linux-based multi-thread open-source operating weak management of native processes is posing tangible threats system for mobile devices. It not only has gained tremendous to Android systems from version 4.2 to 9.0. As a consequence, popularity among mobile users in recent years, but also has any third-party application without any permission can freeze been used in IoT devices and various mission-critical tasks, such the system or force the system to go through a reboot by as point-of-sale devices [11], medical devices [30], on-vehicle starving or significantly delaying the critical system services using systems [5][6], and even aircraft and satellite devices [1][10]. One Android commands in its native processes. We design NativeX to of the reasons that Android has been widely adopted is that Android systematically analyze the Android source code to identify the provides compatible development support for programming in both risky Android commands.