Cited By
View all- Nash AChoo K(2024)Password Managers and Vault Application Security and Forensics: Research Challenges and Future OpportunitiesDigital Forensics and Cyber Crime10.1007/978-3-031-56583-0_3(31-53)Online publication date: 3-Apr-2024
Casing the Vault: Security Analysis of Vault Applications
November 2022
Pages 175 - 180
Abstract
Vault applications are a class of mobile apps used to store and hide users' sensitive files (e.g., photos, documents, and even another app) on the phone. In this paper, we perform an empirical analysis of popular vault apps under the scenarios of unjust search and filtration of civilians by authorities (e.g., during civil unrest). By limiting the technical capability of adversaries, we explore the feasibility of inferring the presence of vault apps and uncovering the hidden files without employing sophisticated forensics analysis. Our analysis of 20 popular vault apps shows that most of them do not adequately implement/configure their disguises, which can reveal their existence without technical analysis. In addition, adversaries with rudimentary-level knowledge of the Android system can already uncover the files stored in most of the vault apps. Our results indicate the need for more secure designs for vault apps.
References
[1]
2020. UI/Application Exerciser Monkey. https://developer.android.com/studio/ test/monkey.
[2]
2021. What is ADB? How to Install ADB, Common Uses, and Advanced Tutorials. https://www.xda-developers.com/what-is-adb/.
[3]
Katie Balevic. 2022. Moscow police are stopping people and demanding to read their text messages, reporter says. https://www.businessinsider.com/russian-police-are-demanding-to-read-peoples-text-messages-reporter-2022--3.
[4]
Patrick Carter, Collin Mulliner, Martina Lindorfer, William Robertson, and Engin Kirda. 2017. Curiousdroid: Automated user interface interaction for android application analysis sandboxes. Lecture Notes in Computer Science 9603 LNCS (2017), 231--249. https://link.springer.com/chapter/10.1007/978--3--662--54970- 4_13
[5]
Bing Chang, Fengwei Zhang, Bo Chen, Yingjiu Li, Wen-Tao Zhu, Yangguang Tian, Zhan Wang, and Albert Ching. 2018. MobiCeal: Towards Secure and Practical Plausibly Deniable Encryption on Mobile Devices. In 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). 454--465. https://doi.org/10.1109/DSN.2018.00054
[6]
Gokila Dorai, Sudhir Aggarwal, Neet Patel, and Charisa Powell. 2020. VIDE - Vault App Identification and Extraction System for iOS Devices. Forensic Science International: Digital Investigation 33 (Jul 2020), 301007. https://doi.org/10.1016/j. fsidi.2020.301007
[7]
Michaila Duncan and Umit Karabiyik. 2018. Detection and Recovery of AntiForensic (VAULT) Applications on Android Devices. Annual ADFSL Conference on Digital Forensics, Security and Law 6 (2018). https://commons.erau.edu/adfsl/ 2018/presentations/6
[8]
Joyce Sohyun Lee and Jonathan Edwards. 2022. Video shows Russian filtration camp, Mariupol mayor's office says. urlhttps://www.washingtonpost.com/world/2022/05/06/ukraine-mariupolrussian-filtration-camp-video/.
[9]
Hrihoriy Pyrlik. 2022. Bribes of cash, cigarettes pave escape for Ukrainians under Russian occupation. https://www.rferl.org/a/cash-cigarettes-can-pave-escapeukrainians-russian-occupation/31904352.html.
[10]
Connor Tumbleson and Ryszard Wisniewski. 2022. Apktool: A tool for reverse engineering 3rd party, closed, binary Android apps. https://ibotpeaches.github. io/Apktool.
[11]
Peter Weber. 2022. Russia is sorting Mariupol "evacuees' at "filtration camps," based on social media posts, Ukrainians say. https://theweek.com/russoukrainian-war/1011541/russia-is-sorting-mariupol-evacuees-at-filtrationcamps-based-on-social.
[12]
Nannan Xie, Hongpeng Bai, Rui Sun, and Xiaoqiang Di. 2020. Android Vault Application Behavior Analysis and Detection. Communications in Computer and Information Science 1257 CCIS (2020), 428--439. https://link.springer.com/ chapter/10.1007/978--981--15--7981--3_31
[13]
Naomi Zeveloff. 2021. Belarusian authorities raid Belarusian Association of Journalists Headquarters, journalists' homes. https://cpj.org/2021/02/belarusianauthorities-raid-belarusian-association-of-journalists-headquartersjournalists-homes/.
[14]
Xiaolu Zhang, Ibrahim Baggili, and Frank Breitinger. 2017. Breaking into the vault: Privacy, security and forensic analysis of Android vault applications. Computers and Security 70 (2017), 516--531. https://doi.org/10.1016/j.cose.2017.07.01
Index Terms
- Casing the Vault: Security Analysis of Vault Applications
Recommendations
An Explorative Study of the Mobile App Ecosystem from App Developers' Perspective
WWW '17: Proceedings of the 26th International Conference on World Wide WebWith the prevalence of smartphones, app markets such as Apple App Store and Google Play has become the center stage in the mobile app ecosystem, with millions of apps developed by tens of thousands of app developers in each major market. This paper ...
Enforcing fine-grained security and privacy policies in an ecosystem within an ecosystem
MobileDeLi 2015: Proceedings of the 3rd International Workshop on Mobile Development LifecycleSmart home automation and IoT promise to bring many advantages but they also expose their users to certain security and privacy vulnerabilities. For example, leaking the information about the absence of a person from home or the medicine somebody is ...
Exploring reverse engineering symptoms in Android apps
EuroSec '15: Proceedings of the Eighth European Workshop on System SecurityThe appearance of the Android platform and its popularity has resulted in a sharp rise in the number of reported vulnerabilities and consequently in the number of mobile threats. Leveraging openness of Android app markets and the lack of security ...
Comments
Information & Contributors
Information
Published In
Copyright © 2022 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 07 November 2022
Check for updates
Author Tags
Qualifiers
- Short-paper
Funding Sources
- National Science Foundation GRFP
- National Science Foundation
Conference
CCS '22
Sponsor:
CCS '22: 2022 ACM SIGSAC Conference on Computer and Communications Security
November 7, 2022
CA, Los Angeles, USA
Acceptance Rates
Overall Acceptance Rate 106 of 355 submissions, 30%
Upcoming Conference
CCS '24
- Sponsor:
- sigsac
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- View Citations1Total Citations
- 95Total Downloads
- Downloads (Last 12 months)29
- Downloads (Last 6 weeks)1
Other Metrics
Citations
Cited By
View all- Nash AChoo K(2024)Password Managers and Vault Application Security and Forensics: Research Challenges and Future OpportunitiesDigital Forensics and Cyber Crime10.1007/978-3-031-56583-0_3(31-53)Online publication date: 3-Apr-2024
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in