Osman, Tousif ORCID: https://orcid.org/0000-0003-3878-8385 (2020) AppVeto: Securing Android Applications Thtough Resource Access Veto. Masters thesis, Concordia University.
Preview |
Text (application/pdf)
1MBOsman_MASc_F2020.pdf - Accepted Version Available under License Spectrum Terms of Access. |
Abstract
Modern mobile devices and mobile operating systems are equipped with high-resolution motion and environmental sensors, camera, microphone, and other resources to support better usability and the latest features—e.g. augmented reality, personalized user experience, activity tracking etc. Apps on the modern mobile platforms can access these resources with, or without, an explicit user permission. Running multiple concurrent apps is also commonly supported. Although the Android OS generally maintains strict separation between apps, an app can still get access to another app’s private information, such as the user’s input or apps output, through numerous side-channels. This is mostly enabled by having access to permissioned or permission-less (sometimes even unrelated) resources. For example, keystrokes and swipe gestures from a victim app can be inferred indirectly from the accelerometer or gyroscope output, allowing a zero-permission app to learn sensitive inputs such as passwords from the victim’s app. Current mobile OSes has started allowing an app to defend itself in such situations only in some exceptional cases—e.g., screenshot opt-out feature of Android allows an app to self-defense itself from malicious apps trying to capture its information viewed on the screen.
In this work, we propose a general mechanism for apps to self-defend themselves from any unwanted implicit or explicit interference from other concurrently running apps. Our AppVeto solution enables an app developer to easily configure an app’s requirements for a safe environment; a foreground app can request the OS to disallow access—i.e., to enable veto powers—to selected side-channel-prone resources to all other running apps for a constraint duration (also throttled for a short duration for preventing DoS), e.g., no access to the accelerometer during password input. In a sense, we enable a finer-grained access control policy than the current runtime permission model. We implement AppVeto on Android using the Xposed framework and PLT hooking techniques, without changing Android APIs. Furthermore, we show that AppVeto imposes negligible overhead, while being effective against several well-known side-channel attacks—implemented via both Android Java and/or Native APIs.
We have prototyped AppVeto using runtime hooking techniques which allows AppVeto to be used and tested out of the box on any Android OS with Xposed framework installed on it. We also orchestrated our prototype to veto resource access from Android native framework which is not achievable with conventional Android’s native binary hooking techniques. We finally evaluated AppVeto against production apps and test apps. Our performance evaluation also shows AppVeto’s overhead is practical and below tolerable margin and our solution and design can be adopted in present mobile platforms.
Divisions: | Concordia University > Gina Cody School of Engineering and Computer Science > Concordia Institute for Information Systems Engineering |
---|---|
Item Type: | Thesis (Masters) |
Authors: | Osman, Tousif |
Institution: | Concordia University |
Degree Name: | M.A. Sc. |
Program: | Information Systems Security |
Date: | 9 September 2020 |
Thesis Supervisor(s): | Mohammad, Mannan and Youssef, Amr |
Keywords: | Mobile applications security, mobile operating systems, permission management, side-channel attacks |
ID Code: | 987408 |
Deposited By: | Tousif Osman |
Deposited On: | 25 Nov 2020 16:31 |
Last Modified: | 25 Nov 2020 16:31 |
Related URLs: |
Repository Staff Only: item control page