Towards secure interoperation in Android: a study of interoperation vulnerabilities in Android (A study on improving app security through vulnerability analysis of interoperating modules on the Android platform)

Android apps interoperate with different components to provide an extensive experience to users. Although interoperation between Android apps and other components may improve the quality of apps by providing additional features, it may also cause security issues. In this thesis, we study interoperation vulnerabilities in the Android platform to improve the security of the mobile platform. We investigate three levels of interoperation: the app level, the system level, and the programming language level. At the app level, we study security issues that arise when Android apps interoperate with each other. We focus on vulnerabilities in the management of the Activity component in the Android platform and introduce a new type of attack called activity injection. We demonstrate the attack to show how powerful it is, and propose a static analyzer and a defense system that detect and prevent such attacks. At the system level, we study security problems that arise when Android apps interoperate with system utilities provided by the Android platform. Among the many system utilities, we target Android Debug Bridge (ADB) because it provides powerful debug features. We analyze ADB in depth to understand how malicious apps can exploit it to launch various kinds of attacks. Our work shows that the missing authentication logic in an ADB server allows an attacker to leverage powerful functionalities in ADB that lead to critical attacks. At the programming language level, we study the Java Native Interface (JNI), which allows Android Java code to interoperate with other programming languages such as C and C++. In this work, we propose JUSTGen, a semi-automated approach that uses an SMT solver to identify unspecified cases in a JNI specification and generates test programs that trigger the behaviors of those unspecified cases. Using the test programs, we found critical run-time errors, such as violations of the Java type system and memory corruption, in the mainstream JVMs.
We reported 792 unspecified cases that are not validated by JVMs to their corresponding JVM vendors. Among them, 563 cases have been fixed and the remaining cases will be fixed in the near future. We believe that applying the techniques introduced in this thesis would improve the security of mobile platforms.
Advisors
Ryu, Sukyoung (류석영); Kim, Yongdae (김용대)
Description
Korea Advanced Institute of Science and Technology (KAIST) : Graduate School of Information Security,
Publisher
Korea Advanced Institute of Science and Technology (KAIST)
Issue Date
2021
Identifier
325007
Language
eng
Description

Thesis (Ph.D.) - Korea Advanced Institute of Science and Technology (KAIST) : Graduate School of Information Security, 2021.2, [iv, 63 p.]

Keywords

Android Security; Interoperation Vulnerabilities; interoperation security; vulnerability analysis; program analysis; Mobile Security

URI
http://hdl.handle.net/10203/295750
Link
http://library.kaist.ac.kr/search/detail/view.do?bibCtrlNo=956571&flag=dissertation
Appears in Collection
IS-Theses_Ph.D. (Doctoral theses)
Files in This Item
There are no files associated with this item.
