Syracuse University SURFACE Dissertations - ALL SURFACE May 2016 UNCOVERING AND MITIGATING UNSAFE PROGRAM INTEGRATIONS IN ANDROID Xiao Zhang Syracuse University Follow this and additional works at: https://surface.syr.edu/etd Part of the Engineering Commons Recommended Citation Zhang, Xiao, "UNCOVERING AND MITIGATING UNSAFE PROGRAM INTEGRATIONS IN ANDROID" (2016). Dissertations - ALL. 465. https://surface.syr.edu/etd/465 This Dissertation is brought to you for free and open access by the SURFACE at SURFACE. It has been accepted for inclusion in Dissertations - ALL by an authorized administrator of SURFACE. For more information, please contact [email protected]. ABSTRACT Android’s design philosophy encourages the integration of resources and functionalities from multiple parties, even with different levels of trust. Such program integrations, on one hand, connect every party in the Android ecosystem tightly on one single device. On the other hand, they can also pose severe security problems, if the security design of the underlying integration schemes is not well thought-out. This dissertation systematically evaluates the security design of three integration schemes on Android, including framework module, framework proxy and 3rd-party code embedding. With the security risks identified in each scheme, it concludes that program integrations on Android are unsafe. Furthermore, new frameworks have been designed and implemented to detect and mitigate the threats. The evaluation results on the prototypes have demonstrated their effectiveness. UNCOVERING AND MITIGATING UNSAFE PROGRAM INTEGRATIONS IN ANDROID by Xiao, Zhang B.S., University of Science and Technology of China, 2010 Dissertation Submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy in Computer & Information Science and Engineering Syracuse University May 2016 © Copyright 2016 Xiao, Zhang All Rights Reserved ACKNOWLEDGMENTS Special thanks go to my advisor, Prof. Wenliang Du, for all the guidance during my PhD study. In the previous six years, he has always been patient with my progress in academic research. From the discussions we had, I have gradually learned how to do critical thinking, and more importantly, how to be constructive when new ideas are proposed. His patience and support helped me overcome many crisis situations and finish this dissertation. I would also like to thank Prof. Pinyuen Chen, Prof. Steve Chapin, Prof. Heng Yin, Prof. Vir V. Phoha and Prof. Edmund S. Yu for agreeing to be on my thesis committee. I am extremely grateful for their time in reading my dissertation and commenting on my views. I am also grateful to my wife, Yue Zhang, who has helped me stay sane through these difficult years. No matter what decisions I made, I know she is always on my side. Her support and care helped me overcome setbacks and stay focused on my graduate study. We have been through several ups and downs in the last few years, and we will surely face new challenges together in the future. None of this would have been possible without the love and support from my family. They are always encouraging me to pursue my own dreams, which has led to this great journey of my PhD study. I am very fortunate to cooperate with several colleagues, including Kailiang Ying, Yousra Aafer, Amit Ahlawat and Zhenshen Qiu. Their efforts have helped to realize the ideas in this dissertation. I would also like to thank Tongbo Luo, Xing Jin, Haichao Zhang and Paul Ratazzi for discussing the initial ideas with me. Last but not least, I thank all my friends for the good time we had together. Our friendship has been an important piece in my life. v TABLE OF CONTENTS Page ABSTRACT ::::::::::::::::::::::::::::::::::::::: i LIST OF TABLES :::::::::::::::::::::::::::::::::::: x LIST OF FIGURES ::::::::::::::::::::::::::::::::::: xi 1 Introduction :::::::::::::::::::::::::::::::::::::: 1 1.1 Program Integration Schemes on Android ::::::::::::::::::: 2 1.2 Thesis Statement and Contributions :::::::::::::::::::::: 4 1.3 Dissertation Roadmap ::::::::::::::::::::::::::::: 6 2 Security Risks in Android Program Integrations :::::::::::::::::: 7 2.1 Framework Module ::::::::::::::::::::::::::::::: 8 2.2 Framework Proxy :::::::::::::::::::::::::::::::: 9 2.3 3rd-party Code Embedding :::::::::::::::::::::::::: 11 2.4 Problem Scope ::::::::::::::::::::::::::::::::: 14 3 Related Work ::::::::::::::::::::::::::::::::::::: 16 3.1 Android Security :::::::::::::::::::::::::::::::: 16 3.1.1 Demystification ::::::::::::::::::::::::::::: 16 3.1.2 Vulnerability Exploration ::::::::::::::::::::::: 18 3.1.3 Enhancement :::::::::::::::::::::::::::::: 20 3.2 Isolation ::::::::::::::::::::::::::::::::::::: 22 3.2.1 Language-based Isolation :::::::::::::::::::::::: 23 3.2.2 Sandbox-based Isolation :::::::::::::::::::::::: 24 3.2.3 VM-based Isolation ::::::::::::::::::::::::::: 26 3.2.4 OS Kernel-based Isolation ::::::::::::::::::::::: 27 3.3 Iframe Security ::::::::::::::::::::::::::::::::: 28 4 Data Residue Attacks on Android :::::::::::::::::::::::::: 30 vi Page 4.1 Security Considerations in the Design of Android Extensible Frameworks : 31 4.1.1 Initiator Perspective :::::::::::::::::::::::::: 31 4.1.2 Target Perspective ::::::::::::::::::::::::::: 32 4.1.3 Channel Perspective :::::::::::::::::::::::::: 33 4.2 Problem Formulation :::::::::::::::::::::::::::::: 35 4.2.1 Background ::::::::::::::::::::::::::::::: 35 4.2.2 The Data Residue Problem :::::::::::::::::::::: 38 4.2.3 Two-stage Study on Android Data Residue :::::::::::::: 39 4.3 Methodology :::::::::::::::::::::::::::::::::: 40 4.4 Attacks ::::::::::::::::::::::::::::::::::::: 43 4.4.1 Credential Stealing ::::::::::::::::::::::::::: 44 4.4.2 Capability Intruding :::::::::::::::::::::::::: 50 4.4.3 Settings Impersonating ::::::::::::::::::::::::: 56 4.4.4 History Peeking ::::::::::::::::::::::::::::: 60 4.4.5 Permissions Regaining ::::::::::::::::::::::::: 63 4.5 Evaluation :::::::::::::::::::::::::::::::::::: 64 4.6 Discussion :::::::::::::::::::::::::::::::::::: 69 4.7 Conclusion :::::::::::::::::::::::::::::::::::: 73 5 Detecting Data Residue in Android Images ::::::::::::::::::::: 74 5.1 Background ::::::::::::::::::::::::::::::::::: 76 5.2 Design :::::::::::::::::::::::::::::::::::::: 80 5.2.1 Image Preprocessing :::::::::::::::::::::::::: 82 5.2.2 System Service Collection ::::::::::::::::::::::: 83 5.2.3 Entry Point Identification ::::::::::::::::::::::: 84 5.2.4 Call Graph Construction :::::::::::::::::::::::: 85 5.2.5 Target APIs Harvest :::::::::::::::::::::::::: 87 5.2.6 Risk Evaluation ::::::::::::::::::::::::::::: 88 5.3 Implementation ::::::::::::::::::::::::::::::::: 89 5.3.1 Bridging Broken Links ::::::::::::::::::::::::: 90 vii Page 5.3.2 Building Class Hierarchy and Call Graph ::::::::::::::: 91 5.3.3 Handling Exceptions :::::::::::::::::::::::::: 92 5.3.4 Discussion :::::::::::::::::::::::::::::::: 92 5.3.5 Code Base and Availability ::::::::::::::::::::::: 93 5.4 Evaluation :::::::::::::::::::::::::::::::::::: 94 5.4.1 Panorama of Android Data Residue :::::::::::::::::: 95 5.4.2 ANRED Effectiveness ::::::::::::::::::::::::: 101 5.4.3 Attacks ::::::::::::::::::::::::::::::::: 102 5.4.4 ANRED Performance :::::::::::::::::::::::::: 105 5.5 Conclusion :::::::::::::::::::::::::::::::::::: 109 6 AFrame: Isolating Advertisements from Mobile Applications in Android ::::: 110 6.1 Overview of AFrame :::::::::::::::::::::::::::::: 113 6.1.1 From the User Perspective ::::::::::::::::::::::: 114 6.1.2 From the Developer Perspective :::::::::::::::::::: 115 6.1.3 From the System Perspective ::::::::::::::::::::: 118 6.2 Design and Implementation :::::::::::::::::::::::::: 119 6.2.1 Process Isolation :::::::::::::::::::::::::::: 120 6.2.2 Permission Isolation :::::::::::::::::::::::::: 123 6.2.3 Display Isolation :::::::::::::::::::::::::::: 124 6.2.4 Input Isolation ::::::::::::::::::::::::::::: 128 6.2.5 LifeCycle Synchronization ::::::::::::::::::::::: 130 6.2.6 Code Modification ::::::::::::::::::::::::::: 131 6.3 Evaluation and Case Studies :::::::::::::::::::::::::: 132 6.3.1 Isolating Third-Party Advertisements ::::::::::::::::: 132 6.3.2 Performance: System Overhead :::::::::::::::::::: 135 6.3.3 Performance: Application Overhead :::::::::::::::::: 137 6.4 Conclusion :::::::::::::::::::::::::::::::::::: 141 7 Summary ::::::::::::::::::::::::::::::::::::::: 142 A Attacks on Android Clipboard :::::::::::::::::::::::::::: 146 viii Page A.1 Short Tutorial on Android Clipboard ::::::::::::::::::::: 148 A.1.1 Copying Data from Apps to the Clipboard :::::::::::::: 149 A.1.2 Monitoring the Clipboard Data :::::::::::::::::::: 149 A.1.3 Pasting Data from the Clipboard to Apps :::::::::::::: 150 A.2 Threat Models :::::::::::::::::::::::::::::::::: 151 A.3 Injection Attacks - JavaScript ::::::::::::::::::::::::: 153 A.3.1 JavaScript on Mobile Browser’s URL Bar ::::::::::::::: 153 A.3.2 Cross Site Scripting (XSS) Attack ::::::::::::::::::: 158 A.3.3 Cross Origin Invocation Attack :::::::::::::::::::: 158 A.3.4 Dynamic Page Construction :::::::::::::::::::::: 159 A.3.5 SQL-Type Code Injection ::::::::::::::::::::::: 161 A.4 Injection Attacks - Command ::::::::::::::::::::::::: 165 A.5 Injection Attacks - Phishing :::::::::::::::::::::::::: 167 A.6 Data Leakage Attacks ::::::::::::::::::::::::::::: 169 A.7 Discussion :::::::::::::::::::::::::::::::::::: 170 A.7.1 Desktop Clipboard Security :::::::::::::::::::::: 170 A.7.2 Improving Android Clipboard Security :::::::::::::::: 171 A.8 Conclusion :::::::::::::::::::::::::::::::::::: 174 LIST
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages199 Page
-
File Size-