A NALYZING I NTER -A PPLICATION C OMMUNICATION IN A NDROID Erika - - PowerPoint PPT Presentation

a nalyzing i nter a pplication c ommunication in a ndroid
SMART_READER_LITE
LIVE PREVIEW

A NALYZING I NTER -A PPLICATION C OMMUNICATION IN A NDROID Erika - - PowerPoint PPT Presentation

May 17, 2023 124 likes •399 views

A NALYZING I NTER -A PPLICATION C OMMUNICATION IN A NDROID Erika Chin Adrienne Porter Felt Kate Greenwood David Wagner UC Berkeley I NTER -A PPLICATION C OMMUNICATION Yelp App Eavesdropping Attacks Injection Attacks Inter-Application

slide-1
SLIDE 1

ANALYZING INTER-APPLICATION COMMUNICATION IN ANDROID

Erika Chin Adrienne Porter Felt Kate Greenwood David Wagner UC Berkeley

slide-2
SLIDE 2

INTER-APPLICATION COMMUNICATION

2

Yelp App Maps App Dialer App Malicious App

  • Eavesdropping Attacks

Inter-Application Communication

Other App

  • Injection Attacks
slide-3
SLIDE 3

ORGANIZATION

¢ Android communication model ¢ Security analysis of Android ¢ ComDroid ¢ Analysis of third-party applications ¢ Recommendations

3

slide-4
SLIDE 4

ANDROID OVERVIEW

¢ Intents = Android IPC ¢ Applications are divided into components ¢ Intents can be sent between components ¢ Intents can be used for intra- and inter-application

communication

4

Sender Receiver Intent

slide-5
SLIDE 5

EXPLICIT INTENTS

5

Yelp Map App

Name: MapActivity To: MapActivity

Only the specified destination receives this message

slide-6
SLIDE 6

IMPLICIT INTENTS

6

Yelp Clock App Map App

Handles Action: VIEW Handles Action: DISPLAYTIME Implicit Intent Action: VIEW

slide-7
SLIDE 7

IMPLICIT INTENTS

7

Yelp Browser App Map App

Handles Action: VIEW Handles Action: VIEW Implicit Intent Action: VIEW

slide-8
SLIDE 8

SECURITY ANALYSIS OF ANDROID

8

slide-9
SLIDE 9

COMMON DEVELOPER PATTERN: UNIQUE ACTION STRINGS

9

Showtime Search Results UI IMDb App Handles Actions: willUpdateShowtimes, showtimesNoLocationError Implicit Intent Action: willUpdateShowtimes

slide-10
SLIDE 10

10

slide-11
SLIDE 11

COMMON DEVELOPER PATTERN: UNIQUE ACTION STRINGS

11

Showtime Search Results UI IMDb App Handles Actions: willUpdateShowtimes, showtimesNoLocationError Implicit Intent Action: willUpdateShowtimes

slide-12
SLIDE 12

ATTACK #1: EAVESDROPPING

12

Showtime Search Malicious Receiver IMDb App Handles Action: willUpdateShowtimes, showtimesNoLocationError Implicit Intent Action: willUpdateShowtimes Eavesdropping App

Sending Implicit Intents makes communication public

slide-13
SLIDE 13

ATTACK #2: INTENT SPOOFING

13

Malicious Component Results UI IMDb App Handles Action: willUpdateShowtimes, showtimesNoLocationError Action: showtimesNoLocationError Malicious Injection App

Receiving Implicit Intents makes the component public

slide-14
SLIDE 14

14

Typical case Attack case

slide-15
SLIDE 15

ATTACK #3: MAN IN THE MIDDLE

15

Showtime Search Results UI IMDb App Handles Action: willUpdateShowtimes, showtimesNoLocation Error Malicious Receiver Handles Action: willUpdateShowtimes, showtimesNoLocationError Man-in-the-Middle App Action: willUpdateShowtimes Action: showtimesNoLocation Error

slide-16
SLIDE 16

ATTACK #4: SYSTEM INTENT SPOOFING

¢ Background – System Broadcast — Event notifications sent by the system — Some can only be sent by the system ¢ Receivers become accessible to all applications

when listening for system broadcast

16

slide-17
SLIDE 17

SYSTEM BROADCAST

17

Component App 1 Handles Action: BootCompleted Component App 2 Handles Action: BootCompleted Component App 3 Handles Action: BootCompleted System Notifier Action: BootCompleted

slide-18
SLIDE 18

SYSTEM INTENT SPOOFING: FAILED ATTACK

18

Handles Action: BootCompleted Malicious Component Malicious App Action: BootCompleted Component App 1

slide-19
SLIDE 19

SYSTEM INTENT SPOOFING: SUCCESSFUL ATTACK

19

Handles Action: BootCompleted Malicious Component Malicious App Component App 1 To: App1.Component

slide-20
SLIDE 20

REAL WORLD EXAMPLE: ICE APP

¢ ICE App: Allows doctors access to medical

information on phones

¢ Contains a component that listens for the

BootCompleted system broadcast

¢ On receipt of the Intent, it exits the application

and locks the screen

20

slide-21
SLIDE 21

REAL WORLD EXAMPLE: ICE

21

slide-22
SLIDE 22

COMDROID

22

ComDroid Android Executable File Security Warnings for Exposed Communication

ComDroid analyzes applications to detect Intent- based attack surfaces

slide-23
SLIDE 23

EVALUATION

¢ Manually verified ComDroid’s warnings for 20

applications

¢ 60% of applications examined have at least 1

exploitable IPC vulnerability

23

Type # of Warnings # of Apps Severe Vulnerability 34 12 Bad Practice 16 6 Spurious Warning 6 6

slide-24
SLIDE 24

RECOMMENDATIONS

¢ Treat inter- and intra-application communication

as different cases

¢ Prevent public internal communication — 21% of severe vulnerabilities — 63% of bugs due to bad practice ¢ Verify system broadcasts — 6% of severe vulnerabilities — 13% of bugs due to bad practice ¢ Can be fixed by either developers or platform

24

slide-25
SLIDE 25

RELATED WORK

¢ Enck et al. – introduces information leakage

through Broadcast Intents and information injection into Receivers

¢ Burns – discusses other common developers’

errors

25

slide-26
SLIDE 26

CONCLUSION

¢ Applications may be vulnerable to other

applications through Android Intent communication

¢ Many developers misuse Intents or do not realize

the consequences of their program design

¢ 60% of applications examined had at least 1

vulnerability

¢ ComDroid tool to be publically accessible soon at

www.comdroid.org

26

slide-27
SLIDE 27

Thank you! Any questions?

27