ABSTRACT
Bytecode rewriting of Android applications has been widely adopted to implement fine-grained access control. It offers more flexibility and convenience because it does not require modifying the Android platform. A bytecode rewriter uses static analysis to identify uses of security-sensitive API methods and then instruments the bytecode to control access to those API calls. Given the significance of this technique, its effectiveness in providing fine-grained access control is crucial. We present a systematic evaluation of the effectiveness of API-level access control using bytecode rewriting on the Android operating system. In our evaluation, we identified a number of potential attacks that target incomplete implementations of bytecode rewriting on Android and can be applied to bypass the access control imposed by a bytecode rewriter. These attacks can either bypass the API-level access control or make such access control difficult to implement, exposing weak links in the bytecode rewriting process. Based on the identified attacks, we present recommendations for engineering secure bytecode rewriting tools. This work is the first systematic study of the effectiveness of using bytecode rewriting for API-level access control.
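The identify-then-instrument step described in the abstract, sketched over smali text as an added example (not code from the paper or from any rewriting tool it evaluates). The guard class `Lexample/monitor/Guard;`, the two-entry policy and the sample method are assumptions constructed for illustration.

```python
import re

GUARD = "Lexample/monitor/Guard;"  # hypothetical reference-monitor class
POLICY = {  # assumed policy: fully qualified method descriptors to guard
    "Landroid/telephony/TelephonyManager;->getDeviceId()Ljava/lang/String;",
    "Landroid/location/LocationManager;->getLastKnownLocation"
    "(Ljava/lang/String;)Landroid/location/Location;",
}
# Constructors and invoke-super need different handling and are not covered.
INVOKE = re.compile(
    r"^(\s*)invoke-(virtual|interface|static)(/range)?\s+(\{[^}]*\}),\s+"
    r"(L[^;]+;)->([^(]+)(\([^)]*\))(\S+)\s*$")

def rewrite(smali):
    """Return (rewritten_text, findings); findings are (line_no, target)."""
    out, findings = [], []
    for no, line in enumerate(smali.splitlines(), start=1):
        m = INVOKE.match(line)
        if m:
            indent, kind, rng, regs, cls, name, args, ret = m.groups()
            target = f"{cls}->{name}{args}{ret}"
            if target in POLICY:
                findings.append((no, target))
                # Instance calls pass the receiver as the stub's first argument.
                if kind != "static":
                    args = "(" + cls + args[1:]
                line = (f"{indent}invoke-static{rng or ''} {regs}, "
                        f"{GUARD}->{name}{args}{ret}")
        out.append(line)
    return "\n".join(out) + "\n", findings

# Constructed sample input: one guarded call and one call outside the policy.
SAMPLE = """\
.method public leak()V
    .registers 3
    const-string v1, "phone"
    invoke-virtual {p0, v1}, Landroid/content/Context;->getSystemService(Ljava/lang/String;)Ljava/lang/Object;
    move-result-object v0
    check-cast v0, Landroid/telephony/TelephonyManager;
    invoke-virtual {v0}, Landroid/telephony/TelephonyManager;->getDeviceId()Ljava/lang/String;
    move-result-object v0
    return-void
.end method
"""
```
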
Index Terms
- On the effectiveness of API-level access control using bytecode rewriting in Android