Exploiting Android System Services Through Bypassing Service Helpers

Gu, Yachong; Cheng, Yong; Liu, Ying; Yemian, Lu; Li, Qi; Su, Purui

doi:10.1007/978-3-319-59608-2_3

Cited by 5 publications

(19 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The first key challenge is to determine the effective attack surface available to a potential attacker. Past works analyzed client-and server-side APIs and they highlighted security-relevant differences [37], [25], [14]. However, we show that there are server-side APIs (available to an attacker) that do not have their associated client-side API.…”

Section: Technical Challengesmentioning

confidence: 69%

“…The complexity of system services opens to many potential vulnerabilities. One specific aspect that has been explored by previous works relates to inconsistencies in the placement of security checks like permission enforcing or identity control [37], [25], [14]. The common root cause is that the checks were performed only in the Manager and not also in the Service counterpart.…”

Section: B Known Potential Pitfallsmentioning

confidence: 99%

“…The two lists are then merged together. Other works used the same approach to enumerate and list the services available in the Android OS [25], [37], [14].…”

Section: B Enumerating the Attack Surfacementioning

confidence: 99%

See 2 more Smart Citations

Preventing and Detecting State Inference Attacks on Android

Possemato

Nisi

Fratantonio

2021

Proceedings 2021 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

Section: Technical Challengesmentioning

confidence: 69%

Section: B Known Potential Pitfallsmentioning

confidence: 99%

See 1 more Smart Citation

Preventing and Detecting State Inference Attacks on Android

Possemato

Nisi

Fratantonio

2021

Proceedings 2021 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

“…For example, there are DoS attacks exploiting the lack of input validation [16], the inconsistent security enforcement within the Android framework [29], the design trait in the concurrency control mechanism of the system server [22], the vulnerability in the call back mechanism in system services [31], as well as the lack of access control and memory usage limit in various ION heaps [35]. Also, there are attacks that can force the process abort and trigger the system reboot via IPC flooding [20], JGR (JNI Global Reference) exhaustion [21], and Toasts flooding [24]. The other attack point category is to launch DoS attacks from the native layer.…”

Section: Related Workmentioning

confidence: 99%

“…Amandroid is another static application analysis tool for determining points-to information for all objects in Android applications and context-sensitive functions across Android applications components [32]. Besides analyzing apps, there are also static analysis tools for system vulnerability analysis based on the Android source code [20][21] [22][29] [35]. SUSI is proposed to leverage a machine-learning guided approach to classify and categorize sources and sinks in the framework layer and pre-installed apps [28].…”

Section: Related Workmentioning

confidence: 99%

NativeX: Native Executioner Freezes Android

Hou¹,

Cheng²,

Liu

2020

Proceedings of the 15th ACM Asia Conference on Computer and Communications Security

Self Cite

View full text Add to dashboard Cite

Android is a Linux-based multi-thread open-source operating system that dominates 85% of the worldwide smartphone market share. Though Android has its established management for its framework layer processes, we discovered for the first time that the weak management of native processes is posing tangible threats to Android systems from version 4.2 to 9.0. As a consequence, any third-party application without any permission can freeze the system or force the system to go through a reboot by starving or significantly delaying the critical system services using Android commands in its native processes. We design NativeX to systematically analyze the Android source code to identify the risky Android commands. For each identified risky command, NativeX can automatically generate the PoC (Proof-of-Concept) application, and verify the effectiveness of the generated PoC. We conduct manual vulnerability analysis to reveal two root causes beyond the superficial attack consequences. We further carry out quantitative experiments to demonstrate the attack consequences, including the device temperature surge, the battery degeneration, and the computing performance decrease, based on which, three representative PoC attacks are engineered. Finally, we discuss possible defense approaches to improve the management of Android native processes. CCS CONCEPTS • Security and privacy → Mobile platform security; Denialof-service attacks.

show abstract

A Systematic Study of Android Non-SDK (Hidden) Service API Security

et al. 2023

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

Exploiting Android System Services Through Bypassing Service Helpers

Cited by 5 publications

References 17 publications

Preventing and Detecting State Inference Attacks on Android

Preventing and Detecting State Inference Attacks on Android

NativeX: Native Executioner Freezes Android

A Systematic Study of Android Non-SDK (Hidden) Service API Security

Contact Info

Product

Resources

About