Presentation is loading. Please wait.

Presentation is loading. Please wait.

Leave Me Alone: App- level Protection Against Runtime Information Gathering on Android NAN ZHANG, KAN YUAN, MUHAMMAD NAVEED†, XIAOYONG ZHOU AND XIAOFENG.

Published byWinfred Glenn Modified over 8 years ago

Similar presentations

Presentation on theme: "Leave Me Alone: App- level Protection Against Runtime Information Gathering on Android NAN ZHANG, KAN YUAN, MUHAMMAD NAVEED†, XIAOYONG ZHOU AND XIAOFENG."— Presentation transcript:

1 Leave Me Alone: App- level Protection Against Runtime Information Gathering on Android NAN ZHANG, KAN YUAN, MUHAMMAD NAVEED†, XIAOYONG ZHOU AND XIAOFENG WANG INDIANA UNIVERSITY, BLOOMINGTON

2 INTRODUCTION What is the Problem ? Threat to the mobile users – RIG App with the RECORD_AUDIO permission/ App with no permission RIG threats existence in popular IOT home security devices Eg: Belkin Netcam, and Nest protect Current security model of Android New Approach – App Guardian Basic concept of App Guardian

3 CHALLENGES OS-level solution is often complicated and painful as the manufactures have to customize to various devices Pushing the problem to the app developers is by no means a good idea. Eg, It cannot stop the recording of other app or adding noise to channel increases performance overhead. Conventional solutions to the problem rely on modifying either the Android OS or the apps under the threat. But, this creates the compatibility issues

4 What’s unique ? This App level protection Guard not touching the OS or the App in protection at all. Strategy to identify the suspicious apps by inspecting app’s permissions and behaviours Basic Concept in a nutshell: Pauses all background apps capable causing damage No matter what: RIG attack will be failed

5 Architecture of Guardian

6

7

8

9

10 App Restart Vs Switch

11 Lifecycle of Guardian App

12 How to protect the App Guardian itself ? startForeground KILL_BACKGROUND_PROCESSES System on low memory largeHeap = "true“ restart intent

13 EVALUATION Guardian evaluated over 475 most popular Android apps in 27 categories in the Google store 1.68% of the apps which has impact on the user information needed to be closed All types of RIG attacks that includes audio recording, Bluetooth misbonding have been defeated by this approach Performance: performance cost is as low as 5% of CPU time and 40 MB memory

14 EVALUATION

15 My Analysis Lightweight response and no false alarms App with no system privileges could break Android’s application sandbox and circumvent an app-level protection. App guardian protected itself. Then why not malicious apps use the same trick ? This proposed solution is based on main assumption that most apps in market does not follow the trick of App guardian and this may lead to the FAILURE of this app. What if the malicious apps are released in the name of security apps but not actually securing the apps instead stealing data. These researchers have taken initiative to address the attacks in side channel

16 My Analysis What if the user wants to record an important call, this Guardian in mobile restricts this functionality due to the protection against RIG attack. This simple mechanism of stopping and resuming the background apps focuses only on the issue of audio recording while using phone app, not considering other privacy leakages through the messages or file transfer through the Bluetooth. The guardian app does not quit even if the mobile runs on low memory. This can be considered as an advantage as well as disadvantage of this app. In general, there is no module included in this proposed system to differentiate the danger background processes from the legitimate one except for the case of audio record. If the Android OS takes an initiative to build the protection wall in the side channels, these attacks will not exist anymore so this research do not have a scope in future at all.

17 FUTURE WORK

18 Thank You

Download ppt "Leave Me Alone: App- level Protection Against Runtime Information Gathering on Android NAN ZHANG, KAN YUAN, MUHAMMAD NAVEED†, XIAOYONG ZHOU AND XIAOFENG."

Similar presentations

Win the Cyberwar on Mobile Banking and Payments

Win the Cyberwar on Mobile Banking and Payments
Xiao Zhang and Wenliang Du Dept. of Electrical Engineering & Computer Science Syracuse University.

Xiao Zhang and Wenliang Du Dept. of Electrical Engineering & Computer Science Syracuse University.
Cobalt: Separating content distribution from authorization in distributed file systems Kaushik Veeraraghavan Andrew Myrick Jason Flinn University of Michigan.

Cobalt: Separating content distribution from authorization in distributed file systems Kaushik Veeraraghavan Andrew Myrick Jason Flinn University of Michigan.
© 2001 3 Leaf Solutions, LLC. All Rights Reserved What’s New in Everett Microsoft.Net V1.1.

© Leaf Solutions, LLC. All Rights Reserved What’s New in Everett Microsoft.Net V1.1.
Roman Schlegel City University of Hong Kong Kehuan Zhang Xiaoyong Zhou Mehool Intwala Apu Kapadia XiaoFeng Wang Indiana University Bloomington NDSS SYMPOSIUM.

Roman Schlegel City University of Hong Kong Kehuan Zhang Xiaoyong Zhou Mehool Intwala Apu Kapadia XiaoFeng Wang Indiana University Bloomington NDSS SYMPOSIUM.
Ensuring Operating System Kernel Integrity with OSck By Owen S. Hofmann Alan M. Dunn Sangman Kim Indrajit Roy Emmett Witchel Kent State University College.

Ensuring Operating System Kernel Integrity with OSck By Owen S. Hofmann Alan M. Dunn Sangman Kim Indrajit Roy Emmett Witchel Kent State University College.
MOOC on M4D 2013 I NTRODUCTION TO THE A NDROID P LATFORM Ashish Agrawal Indian Institute of Technology Kanpur.

MOOC on M4D 2013 I NTRODUCTION TO THE A NDROID P LATFORM Ashish Agrawal Indian Institute of Technology Kanpur.
Android Security. N-Degree of Separation Applications can be thought as composed by Main Functionality Several Non-functional Concerns Security is a non-functional.

Android Security. N-Degree of Separation Applications can be thought as composed by Main Functionality Several Non-functional Concerns Security is a non-functional.
An Evaluation of the Google Chrome Extension Security Architecture

An Evaluation of the Google Chrome Extension Security Architecture
Aurasium: Practical Policy Enforcement for Android Applications R. Xu, H. Saidi and R. Anderson Presented By: Rajat Khandelwal – 2009CS10209 Parikshit.

Aurasium: Practical Policy Enforcement for Android Applications R. Xu, H. Saidi and R. Anderson Presented By: Rajat Khandelwal – 2009CS10209 Parikshit.
Title of Selected Paper: Design and Implementation of Secure Embedded Systems Based on Trustzone Authors: Yan-ling Xu, Wei Pan, Xin-guo Zhang Presented.

Title of Selected Paper: Design and Implementation of Secure Embedded Systems Based on Trustzone Authors: Yan-ling Xu, Wei Pan, Xin-guo Zhang Presented.
Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.

Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.
Aurasium: Practical Policy Enforcement for Android Applications R. Xu, H. Saidi and R. Anderson.

Aurasium: Practical Policy Enforcement for Android Applications R. Xu, H. Saidi and R. Anderson.
The Most Dangerous Code in the Browser Stefan Heule, Devon Rifkin, Alejandro Russo, Deian Stefan Stanford University, Chalmers University of Technology.

The Most Dangerous Code in the Browser Stefan Heule, Devon Rifkin, Alejandro Russo, Deian Stefan Stanford University, Chalmers University of Technology.
Security in By: Abdulelah Algosaibi Supervised by: Prof. Michael Rothstein Summer II 2010: CS 6/79995 Operating System Security.

Security in By: Abdulelah Algosaibi Supervised by: Prof. Michael Rothstein Summer II 2010: CS 6/79995 Operating System Security.
Exokernel: An Operating System Architecture for Application-Level Resource Management Dawson R. Engler, M. Frans Kaashoek, and James O’Toole Jr. M.I.T.

Exokernel: An Operating System Architecture for Application-Level Resource Management Dawson R. Engler, M. Frans Kaashoek, and James O’Toole Jr. M.I.T.
Android Security Enforcement and Refinement. Android Applications --- Example Example of location-sensitive social networking application for mobile phones.

Android Security Enforcement and Refinement. Android Applications --- Example Example of location-sensitive social networking application for mobile phones.
Case study 2 Android – Mobile OS.

Case study 2 Android – Mobile OS.
William Enck, Machigar Ongtang, and Patrick McDaniel.

William Enck, Machigar Ongtang, and Patrick McDaniel.
CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS.

CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS.

Similar presentations

Ads by Google