CHEX: Statically Vetting Android Apps for Component Hijacking Vulnerability

Vetting vulnerable apps in large scale

Accurate and scalable app vetting methods

Component hijacking vulnerability

High volume of app submissions

Inexperienced developers

Large number of vulnerable apps

CHEX: Statically Vetting Android Apps for Component Hijacking Vulnerabilities

Components in Android Apps

[Diagram: App1, App2, Android Framework]

  • Type
    • Activity
    • Service
    • Broadcast Receiver
    • Content Provider
  • Export Component
    • The component is publicly available

What can go wrong?

Unauthorized access to protected resources

[Diagram: Contact Manager App (Enumerator Service), Android Framework, Contacts]

What can go wrong?

Unauthorized access to private resources

[Diagram: Contact Manager App (Setting Update Receiver), Private Storage, Android Framework]

Component hijacking attacks

A class of attacks that seek to gain unauthorized access to protected or private resources through exported components in vulnerable apps.

CHEX -- Component Hijacking Examiner

Goal: Vetting large volumes of apps for component hijacking vulnerabilities

Analysis approach

[Diagram: App, Private, Android Framework, Protected]

  • A data-flow perspective
    • Component hijacking: read/write protected or private data via exported components
    • Detecting component hijacking: finding “hijack-enabling flows”

Challenges

Code Example

Component Hijacking vulnerable app

Malicious app:

IBinder binder;
/* Connect to the service */
/* Send message to the service */
Messenger mMessenger = new Messenger(binder);
mMessenger.send(msg);

App entry points

Definition: App entry points are the methods that are defined by the app and intended to be called only by the framework.

  • Points through which control transfers to the app
    • Start point
    • Callbacks

App splitting

Definition: A split is a subset of the app code that is reachable from an entry point.

[Diagram: App, Android Framework]

  • Modeling app execution by permuting split executions in all feasible orders
  • Why reasonable?
    • Most splits cannot be interleaved
    • Efficient pruning techniques

SDS and PDS

  • Split Data-flow Summary (SDS)
    • Intra-split data-flows that start and end at heap variables, sources, or sinks.
  • Permutation Data-flow Summary (PDS)
    • Linking two adjacent SDSs in a feasible permutation

When permutation ends, all possible data-flows have been enumerated.

[Diagram labels: Src1, G1, Sink1]

Identifying “hijack-enabling flows”

[Diagram labels: Input, Sensitive, Input-specified exit, Public, Critical]

Using descriptive policies to specify flows of interest
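
The SDS/PDS linking and policy matching described on these two slides, as an added example that is not taken from the slides or from the CHEX implementation. Node names follow the "More complex view" slide. Assumptions: the split names and the policy pairs are hypothetical, every ordering is treated as feasible with each split run once, and `params` is modeled as a heap variable rather than a transit source/sink.

```python
from itertools import permutations

# Constructed SDSs: each split maps to intra-split flows (start, end) whose
# endpoints are sources ("src:<kind>:<name>"), sinks ("sink:<kind>:<name>")
# or heap variables ("heap:<name>"). Split names are hypothetical.
SDS = {
    "entryPoint1": {("src:sensitive:GetLastLocation", "heap:currLoc")},
    "handleMessage": {("src:input:Message", "heap:params")},
    "backgroundThread": {
        ("heap:params", "sink:critical:HTTPClientExecute"),
        ("heap:currLoc", "sink:critical:HTTPClientExecute"),
    },
}

# Assumed policy: (source kind, sink kind) pairs treated as flows of interest.
POLICY = {("input", "critical"), ("sensitive", "public")}


def link(pds, sds):
    """Append one split's SDS to the running PDS, joining flows on heap variables."""
    joined = {(a, d) for a, b in pds for c, d in sds
              if b == c and b.startswith("heap:")}
    return pds | sds | joined


def enumerate_flows(sds_by_split):
    """Union of source-to-sink flows over every ordering of the splits."""
    flows = set()
    for order in permutations(sds_by_split):
        pds = set()
        for split in order:
            pds = link(pds, sds_by_split[split])
        flows |= {(a, b) for a, b in pds
                  if a.startswith("src:") and b.startswith("sink:")}
    return flows


def hijack_enabling(flows, policy=POLICY):
    """Keep only flows whose (source kind, sink kind) pair the policy names."""
    return sorted((a, b) for a, b in flows
                  if (a.split(":")[1], b.split(":")[1]) in policy)


if __name__ == "__main__":
    for src, sink in hijack_enabling(enumerate_flows(SDS)):
        print(f"{src} -> {sink}")
```

No single split contains a source-to-sink flow here; both flows appear only after linking, and only in orderings where `backgroundThread` runs after the split that writes the heap variable.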

Evaluations
  • 5,486 apps from the official and alternative markets
  • Hardware spec: Intel Core i7-970 with 12GB RAM

Performance

  • Median processing time: 37sec
  • 22% apps took >5min

Accuracy

  • 254/5,486 flagged as vulnerable
  • True positive rate: 81%

Insights

  • 50 entry points of 44 types per app
  • 99.7% apps contain inter-split data-flows

Case study

Conclusion


Thank You

Q&A?

Dalysis: Dalvik Analysis Framework

  • Consumes off-the-shelf Android app package (.apk)
  • Generates SSA IR (adopted from WALA)
  • Supports extensible backend for multiple types of analysis tasks

[Diagram: Frontend and Backend. Labels: Parse manifest, Disassemble bytecode (DexLib), Instruction translation, SSA conversion, Abstract interpretation, Point-to analysis, Call graph builder, SDG builder, Meta data, Constants, Class hierarchy, Instructions, SSA IR]

Entry point discovery

[Diagram labels: Unused methods overriding framework; Dead code; Entry points]

  • How to distinguish?
    • Containing class is instantiated
    • Original interface is never called by app

Observation: only two ways to “register” entry points

  • Declaring them in the manifest file
  • Overriding/implementing the designated interfaces

More complex view

[Diagram: data-flow graph across entry points. Nodes as labelled on the slide:]

  • Entry Point
  • GetLastLocation (Sensitive Source)
  • currLoc (GV)
  • Entry Point
  • Handle Message
  • Message (Input Source)
  • SendParams (Transit sink)
  • Background, New thread
  • params (Transit Source)
  • currLoc (GV)
  • HTTPClient Execute (critical sink)
