DOI: 10.1145/3548606.3560601
research-article

Uncovering Intent based Leak of Sensitive Data in Android Framework

Published: 07 November 2022

Abstract

To prevent unauthorized apps from retrieving sensitive data, the Android framework enforces permission-based access control. However, it has long been known that unauthorized apps can bypass this access control by intercepting the Intent objects that authorized apps send and that carry the retrieved sensitive data. We find a new (previously unknown) attack surface in the Android framework that unauthorized apps can exploit to violate the access control. Specifically, we discover that some of the Intent objects that are sent by the Android framework and carry sensitive data can be received by unauthorized apps, resulting in the leak of sensitive data. In this paper, we conduct the first systematic investigation of this new attack surface, namely the Intent-based leak of sensitive data in the Android framework. To automatically uncover this kind of vulnerability in the Android framework, we design and develop a new tool named LeakDetector, which finds the Intent objects sent by the Android framework that can be received by unauthorized apps and carry sensitive data. Applying LeakDetector to 10 commercial Android systems, we find that it can effectively uncover the Intent-based leak of sensitive data in the Android framework. Specifically, we discover 36 exploitable cases of this kind of data leak, which can be abused by unauthorized apps to steal sensitive data, violating the access control. At the time of writing, 16 of them have been confirmed by Google, Samsung, and Xiaomi, and we received bug bounty rewards from these mobile vendors.


    Published In

    CCS '22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security
    November 2022
    3598 pages
    ISBN:9781450394505
    DOI:10.1145/3548606

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Author Tags

    1. android
    2. intent
    3. static analysis
    4. vulnerability

    Qualifiers

    • Research-article

    Conference

    CCS '22

    Acceptance Rates

    Overall Acceptance Rate 1,261 of 6,999 submissions, 18%
