research-article

Finding the missing piece: permission specification analysis for Android NDK

Authors:

Ting WangAuthors Info & Claims

ASE '21: Proceedings of the 36th IEEE/ACM International Conference on Automated Software Engineering

Pages 505 - 516

https://doi.org/10.1109/ASE51524.2021.9678843

Published: 24 June 2022 Publication History

Abstract

The Android research community has long focused on building the permission specification for Android framework APIs, which can be referenced by app developers to request the necessary permissions for their apps. However, existing studies just analyze the permission specification for Java framework APIs in Android SDK, whereas the permission specification for native framework APIs in Android NDK remains intact. Since more and more apps implement their functionalities using native framework APIs, and the permission specification for these APIs is poorly documented, the permission specification analysis for Android NDK is in urgent need. To fill in the gap, in this paper, we conduct the first permission specification analysis for Android NDK. In particular, to automatically generate the permission specification for Android NDK, we design and develop PSGen, a new tool that statically analyzes the implementation of Android framework and Android kernel to correlate native framework APIs with their required permissions. Applying PSGen to 3 Android systems, including Android 9.0, 10.0, and 11.0, we find that PSGen can precisely build the permission specification. With the help of PSGen, we discover more than 200 native framework APIs that are correlated with at least one permission.

References

[1]

"ACameraManager_openCamera," https://developer.android.com/ndk/reference/group/camera?#acameramanager_opencamera, 2021.

[2]

"Android API reference," https://developer.android.com/reference, 2021.

[3]

"Android Camera2 executable failed to get frames," https://stackoverflow.com/questions/52710811/android-camera2-executable-failed-to-get-frames, 2021.

[4]

"Android Clang/LLVM Toolchain," https://android.googlesource.com/toolchain/llvm_android/+/master, 2021.

[5]

"Android Common Kernels," https://source.android.com/devices/architecture/kernel/android-common, 2021.

[6]

"Android NDK API Reference," https://developer.android.com/ndk/reference, 2021.

[7]

"Binder," https://developer.android.com/reference/android/os/Binder, 2021.

[8]

"Building Kernels," https://source.android.com/setup/build/building-kernels, 2021.

[9]

"Camera API," https://developer.android.com/guide/topics/media/camera#manifest, 2021.

[10]

"CameraManager.openCamera," https://developer.android.com/reference/android/hardware/camera2/CameraManager?#openCamera(java.lang. String, android.hardware.camera2.CameraDevice.StateCallback, android.os.Handler), 2021.

[11]

"Credentials in Linux," https://www.kernel.org/doc/html/v4.15/security/credentials.html, 2021.

[12]

"Kernel Size Tuning Guide," https://elinux.org/Kernel_Size_Tuning_Guide, 2021.

[13]

"LLVM bitcode linker," http://llvm.org/docs/CommandGuide/llvm-link.html, 2021.

[14]

"LLVM's object file dumper," https://llvm.org/docs/CommandGuide/llvm-objdump.html, 2021.

[15]

"Mapping High Level Constructs to LLVM IR," https://mapping-high-level-constructs-to-llvm-ir.readthedocs.io/en/latest/README.html, 2021.

[16]

"Mobile Android Version Market Share Worldwide," https://gs.statcounter.com/android-version-market-share/mobile/worldwide/, 2021.

[17]

"NDK libraries," https://developer.android.com/ndk/guides/libs, 2021.

[18]

"Object file dumper," https://man7.org/linux/man-pages/man1/objdump.1.html, 2021.

[19]

"Permissions overview," https://developer.android.com/guide/topics/permissions/overview, 2021.

[20]

"PeX," https://github.com/lzto/pex#resolve-indirect-call-kmi-or-cvf, 2021.

[21]

"Platform Architecture," https://developer.android.com/guide/platform, 2021.

[22]

"platform.xml," https://cs.android.com/android/platform/superproject/+/master:frameworks/base/data/etc/platform.xml, 2021.

[23]

"socket.S," https://android.googlesource.com/platform/bionic/+/db1ea34/libc/arch-x86/syscalls/socket.S, 2021.

[24]

"System Calls," https://www.gnu.org/software/libc/manual/html_node/System-Calls.html, 2021.

[25]

"unistd.h," https://github.com/torvalds/linux/blob/master/include/uapi/asm-generic/unistd.h, 2021.

[26]

"Whole Program LLVM," https://github.com/travitch/whole-program-llvm, 2021.

[27]

Y. Aafer, J. Huang, Y. Sun, X. Zhang, N. Li, and C. Tian, "AceDroid: Normalizing Diverse Android Access Control Checks for Inconsistency Detection," in Proc. NDSS, 2018.

[28]

Y. Aafer, G. Tao, J. Huang, X. Zhang, and N. Li, "Precise Android API Protection Mapping Derivation and Reasoning," in Proc. CCS, 2018.

[29]

V. Afonso, A. Bianchi, Y. Fratantonio, A. Doupé, M. Polino, P. de Geus, C. Kruegel, and G. Vigna, "Going native: Using a large-scale analysis of android apps to create a practical native-code sandboxing policy," in Proc. NDSS, 2016.

[30]

S. Almanee, A. Unal, and M. Payer, "Too Quiet in the Library: An Empirical Study of Security Updates in Android Apps' Native Code," in Proc. ICSE, 2021.

[31]

L. O. Andersen, "Program analysis and specialization for the C programming language," Ph.D. dissertation, University of Cophenhagen, 1994.

[32]

K. W. Y. Au, Y. Zhou, Z. Huang, and D. Lie, "PScout: Analyzing the Android Permission Specification," in Proc. CCS, 2012.

[33]

M. Backes, S. Bugiel, E. Derr, P. McDaniel, D. Octeau, and S. Weisgerber, "On Demystifying the Android Application Framework: Re-Visiting Android Permission Specification Analysis," in Proc. USENIX Security, 2016.

[34]

D. Barrera, H. G. Kayacik, P. C. van Oorschot, and A. Somayaji, "A Methodology for Empirical Analysis of Permission-Based Security Models and Its Application to Android," in Proc. CCS, 2010.

[35]

A. Bartel, J. Klein, M. Monperrus, and Y. Le Traon, "Static analysis for extracting permission checks of a large scale framework: The challenges and solutions for analyzing android," IEEE Transactions on Software Engineering, vol. 40, no. 6, pp. 617--632, 2014.

[36]

A. Dawoud and S. Bugiel, "Bringing balance to the force: Dynamic analysis of the android application framework," in Proc. NDSS, 2021.

[37]

M. Fan, L. Yu, S. Chen, H. Zhou, X. Luo, S. Li, Y. Liu, J. Liu, and T. Liu, "An empirical evaluation of GDPR compliance violations in Android mHealth apps," in Proc. ISSRE, 2020.

[38]

A. P. Felt, E. Chin, S. Hanna, D. Song, and D. Wagner, "Android permissions demystified," in Proc. CCS, 2011.

[39]

S. Ghavamnia, T. Palit, A. Benameur, and M. Polychronakis, "Confine: Automated system call policy generation for container attack surface reduction," in Proc. RAID, 2020, pp. 443--458.

[40]

S. A. Gorski, B. Andow, A. Nadkarni, S. Manandhar, W. Enck, E. Bodden, and A. Bartel, "ACMiner: Extraction and Analysis of Authorization Checks in Android's Middleware," in Proc. CODASPY, 2019.

Digital Library

[41]

A. Grünbacher, "POSIX Access Control Lists on Linux," in Proc. USENIX ATC, 2003.

[42]

B. Liu, C. Zhang, G. Gong, Y. Zeng, H. Ruan, and J. Zhuge, "FANS: Fuzzing Android Native System Services via Automated Interface Analysis," in Proc. USENIX Security, 2020.

[43]

L. Luo, "Heap Memory Snapshot Assisted Program Analysis for Android Permission Specification," in Proc. SANER, 2020.

[44]

C. Qian, X. Luo, Y. Shao, and A. Chan, "On tracking information flows through jni in android applications," in Proc. DSN, 2014.

[45]

C. Qian, X. Luo, Y. Le, and G. Gu, "Vulhunter: toward discovering vulnerabilities in android applications," IEEE Micro, vol. 35, no. 1, pp. 44--53, 2015.

Digital Library

[46]

Y. Shao, J. Ott, Q. A. Chen, Z. Qian, and Z. M. Mao, "Kratos: Discovering Inconsistent Security Policy Enforcement in the Android Framework," in Proc. NDSS, 2016.

[47]

Q. Shi, X. Xiao, R. Wu, J. Zhou, G. Fan, and C. Zhang, "Pinpoint: Fast and precise sparse value flow analysis for million lines of code," in Proc. PLDI, 2018.

Digital Library

[48]

Y. Sui and J. Xue, "SVF: interprocedural static value-flow analysis in LLVM," in Proc. CC, 2016.

[49]

Y. Tang, X. Zhan, H. Zhou, X. Luo, Z. Xu, Y. Zhou, and Q. Yan, "Demystifying application performance management libraries for android," in Proc. ASE, 2019.

[50]

J. Wu, S. Liu, S. Ji, M. Yang, T. Luo, Y. Wu, and Y. Wang, "Exception beyond Exception: Crashing Android System by Trapping in "Uncaught Exception"," in Proc. ICSE, 2017.

Digital Library

[51]

L. Xue, C. Qian, H. Zhou, X. Luo, Y. Zhou, Y. Shao, and A. T. Chan, "Ndroid: Toward tracking information flows across multiple android contexts," IEEE Transactions on Information Forensics and Security, vol. 14, no. 3, pp. 814--828, 2019.

[52]

L. Xue, H. Zhou, X. Luo, L. Yu, D. Wu, Y. Zhou, and X. Ma, "Packergrind: An adaptive unpacking system for android apps," IEEE Transactions on Software Engineering, 2020.

[53]

L. Xue, H. Zhou, X. Luo, Y. Zhou, Y. Shi, G. Gu, F. Zhang, and M. H. Au, "Happer: Unpacking Android Apps via a Hardware-Assisted Approach," in Proc. S&P, 2021.

[54]

L. Yu, X. Luo, J. Chen, H. Zhou, T. Zhang, H. Chang, and H. K. Leung, "PPChecker: Towards Accessing the Trustworthiness of Android Apps' Privacy Policies," IEEE Transactions on Software Engineering, 2018.

[55]

X. Zhan, L. Fan, S. Chen, F. Wu, T. Liu, X. Luo, and Y. Liu, "Atvhunter: Reliable version detection of third-party libraries for vulnerability identification in android apps," in Proc. ICSE, 2021.

Digital Library

[56]

X. Zhan, L. Fan, T. Liu, S. Chen, L. Li, H. Wang, Y. Xu, X. Luo, and Y. Liu, "Automated third-party library detection for android applications: Are we there yet?" in Proc. ASE, 2020.

Digital Library

[57]

T. Zhang, W. Shen, D. Lee, C. Jung, A. M. Azab, and R. Wang, "Pex: A permission check analysis framework for linux kernel," in Proc. USENIX Security, 2019.

[58]

Y. Zhang, M. Yang, B. Xu, Z. Yang, G. Gu, P. Ning, X. S. Wang, and B. Zang, "Vetting undesirable behaviors in android apps with permission use analysis," in Proc. CCS, 2013.

[59]

H. Zhou, H. Wang, Y. Zhou, X. Luo, Y. Tang, L. Xue, and T. Wang, "Demystifying diehard android apps," in Proc. ASE, 2020.

Cited By

Shimizu RNunomura YKanuka H(2024)Test-suite-guided discovery of least privilege for cloud infrastructure as codeAutomated Software Engineering10.1007/s10515-024-00420-531:1Online publication date: 5-Mar-2024
https://dl.acm.org/doi/10.1007/s10515-024-00420-5
Zhou HLuo XWang HCai HYin HStavrou ACremers CShi E(2022)Uncovering Intent based Leak of Sensitive Data in Android FrameworkProceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security10.1145/3548606.3560601(3239-3252)Online publication date: 7-Nov-2022
https://dl.acm.org/doi/10.1145/3548606.3560601
Li CChen XSun RXue MWen SAhmed MCamtepe SXiang YRoychoudhury ACadar CKim M(2022)Cross-language Android permission specificationProceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering10.1145/3540250.3549142(772-783)Online publication date: 7-Nov-2022
https://dl.acm.org/doi/10.1145/3540250.3549142

Recommendations

Cross-language Android permission specification
ESEC/FSE 2022: Proceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering

The Android system manages access to sensitive APIs by permission enforcement. An application (app) must declare proper permissions before invoking specific Android APIs. However, there is no official documentation providing the complete list of ...
SecuRank: Starving Permission-Hungry Apps Using Contextual Permission Analysis
SPSM '16: Proceedings of the 6th Workshop on Security and Privacy in Smartphones and Mobile Devices

Competition among app developers has caused app stores to be permeated with many groups of general-purpose apps that are functionally-similar. Examples are the many flashlight or alarm clock apps to choose from. Within groups of functionally-similar ...
DEMO: Starving Permission-Hungry Android Apps Using SecuRank
CCS '16: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security

We demonstrate SecuRank, a tool that can be employed by Android smartphone users to replace their currently installed apps with functionally-similar ones that require less sensitive access to their device. SecuRank works by using text mining on the app ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

ASE '21: Proceedings of the 36th IEEE/ACM International Conference on Automated Software Engineering

November 2021

1446 pages

ISBN:9781665403375

General Chair:
John Grundy
Monash University, Australia

Sponsors

In-Cooperation

IEEE CS

Publisher

IEEE Press

Publication History

Published: 24 June 2022

Check for updates

Author Tags

Qualifiers

Research-article

Conference

ASE '21

Sponsor:

ASE '21: 36th IEEE/ACM International Conference on Automated Software Engineering

November 15 - 19, 2021

Melbourne, Australia

Acceptance Rates

Overall Acceptance Rate 82 of 337 submissions, 24%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
32
Total Downloads

Downloads (Last 12 months)4
Downloads (Last 6 weeks)0

Reflects downloads up to 26 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Shimizu RNunomura YKanuka H(2024)Test-suite-guided discovery of least privilege for cloud infrastructure as codeAutomated Software Engineering10.1007/s10515-024-00420-531:1Online publication date: 5-Mar-2024
https://dl.acm.org/doi/10.1007/s10515-024-00420-5
Zhou HLuo XWang HCai HYin HStavrou ACremers CShi E(2022)Uncovering Intent based Leak of Sensitive Data in Android FrameworkProceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security10.1145/3548606.3560601(3239-3252)Online publication date: 7-Nov-2022
https://dl.acm.org/doi/10.1145/3548606.3560601
Li CChen XSun RXue MWen SAhmed MCamtepe SXiang YRoychoudhury ACadar CKim M(2022)Cross-language Android permission specificationProceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering10.1145/3540250.3549142(772-783)Online publication date: 7-Nov-2022
https://dl.acm.org/doi/10.1145/3540250.3549142

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten