Self-update vulnerability in Android (Korean title: Android update vulnerability)

It is well known that insecure software updates cause serious security problems. Although software updates in various systems such as medical devices, automobiles, and femtocells have been studied in depth, little is understood about update mechanisms in Android applications. In this thesis, I manually analyze the self-update mechanisms of the 225 most popular real-world Android applications collected from Google Play. Careful analysis revealed two vulnerabilities in self-updating mechanisms: i) the distribution methods of updated files and ii) the usage of shared storage. Of the 225 manually analyzed Android applications, 37% distribute updated files in an insecure manner, and 33% use shared storage for saving updated files. By exploiting these self-update vulnerabilities, I demonstrate that malware can be installed on a victim's mobile device. Moreover, I show that injecting malicious code into updated files is also possible. Because adversaries can install malware on victims' mobile devices, many attacks are possible, including stealing users' private data such as contacts, SMS, and friend lists. Furthermore, by installing a malicious application, the mobile device can be rooted, and as a consequence the adversaries can gain root privilege.
Advisors
Kim, Yongdae (김용대)
Description
Korea Advanced Institute of Science and Technology (KAIST): Graduate School of Information Security
Publisher
Korea Advanced Institute of Science and Technology (KAIST)
Issue Date
2014
Identifier
325007
Language
eng
Description

Thesis (Master's) - Korea Advanced Institute of Science and Technology (KAIST): Graduate School of Information Security, 2014.2, [v, 38 p.]

Keywords

Software Update; Android Application; Self-Update; Malware; Code Injection; Code Injection Attack

URI
http://hdl.handle.net/10203/221946
Link
http://library.kaist.ac.kr/search/detail/view.do?bibCtrlNo=657512&flag=dissertation
Appears in Collection
IS-Theses_Master (Master's theses)
Files in This Item
There are no files associated with this item.