2015 IEEE Symposium on Security and Privacy 2015
DOI: 10.1109/sp.2015.61
|View full text |Cite
|
Sign up to set email alerts
|

Leave Me Alone: App-Level Protection against Runtime Information Gathering on Android

Abstract: Stealing of sensitive information from apps is always considered to be one of the most critical threats to Android security. Recent studies show that this can happen even to the apps without explicit implementation flaws, through exploiting some design weaknesses of the operating system, e.g., shared communication channels such as Bluetooth, and side channels such as memory and network-data usages. In all these attacks, a malicious app needs to run side-by-side with the target app (the victim) to collect its r… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

1
45
0

Year Published

2016
2016
2020
2020

Publication Types

Select...
5
2
2

Relationship

1
8

Authors

Journals

citations
Cited by 63 publications
(46 citation statements)
references
References 9 publications
1
45
0
Order By: Relevance
“…An alternative approach is to monitor the use of the leaky APIs while some sensitive apps are running in the foreground. This idea has been illustrated in Android by Zhang et al [65] on Android using a non-privileged guardian app. Due to the more strict cross-app isolation on iOS, however, this task can only be accomplished by the system itself on iOS.…”
Section: Countermeasuresmentioning
confidence: 99%
See 1 more Smart Citation
“…An alternative approach is to monitor the use of the leaky APIs while some sensitive apps are running in the foreground. This idea has been illustrated in Android by Zhang et al [65] on Android using a non-privileged guardian app. Due to the more strict cross-app isolation on iOS, however, this task can only be accomplished by the system itself on iOS.…”
Section: Countermeasuresmentioning
confidence: 99%
“…Lin et al [45] employed procfs to extract an app's CPU usage to detect user's key press operation on Android. Zhang et al [65] explored similar channels from procfs to fingerprint user behavior through the Android apps of IP cameras. Most recently, Diao et al [36] studied the use of global interrupt counters in procfs to infer the user's unlock patterns and foreground apps.…”
Section: Related Workmentioning
confidence: 99%
“…It replaces the original peripheral drivers by a remote update when a user enters restricted spaces such as a federal building, and doesn't cancel the enforcement of usage policies until the user checks out. App Guardian (Zhang et al 2015) thwarts the runtime-information-gathering of malicious apps by blocking the runtime monitoring attempt. To realize this, App Guardian pauses the malicious app when sensitive app is running.…”
Section: Related Workmentioning
confidence: 99%
“…Zhang et al focus on side-channel leaks and propose an application-level monitor that prevents background processes from collecting privacy-sensitive information [56]. This defense does not protect against AdSDKs that openly send location data over the network, nor against mobile ads that run in the foreground.…”
Section: Related Workmentioning
confidence: 99%