All about activity injection: Threats, semantics, detection, and defense. (30th January 2020)
- Record Type:
- Journal Article
- Title:
- All about activity injection: Threats, semantics, detection, and defense. (30th January 2020)
- Main Title:
- All about activity injection: Threats, semantics, detection, and defense
- Authors:
- Hwang, Sungjae
Lee, Sungho
Ryu, Sukyoung - Abstract:
- Summary: Android supports seamless user experience by maintaining activities from different applications (apps) in the same activity stack. Although such close inter‐app communication is essential in the Android framework, the powerful inter‐app communication contains vulnerabilities that can inject malicious activities into a victim app's activity stack to hijack user interaction flows. In this article, we demonstrate activity injection attacks with a simple malware, and formally specify the activity activation mechanism using operational semantics. Based on the operational semantics, we develop a static analysis tool, which analyzes Android apps to detect activity injection attacks. Our tool is fast enough to analyze real‐world Android apps in 6 seconds on average, and our experiments found that 1761 apps out of 129, 756 real‐world Android apps inject their activities into other apps' tasks. Moreover, we propose a defense mechanism, dubbed signature‐based activity access control (SAAC), which completely prohibits activity injection attacks. The defense mechanism is general enough to keep the current Android multitasking features intact, and it is simple enough to be independent of the complex activity activation semantics, which does not increase activity activation time noticeably. With the extension of the formal semantics for SAAC, we prove that SAAC correctly mitigates activity injection attacks without any false alarms.
- Is Part Of:
- Software, practice & experience. Volume 50:Number 7(2020)
- Journal:
- Software, practice & experience
- Issue:
- Volume 50:Number 7(2020)
- Issue Display:
- Volume 50, Issue 7 (2020)
- Year:
- 2020
- Volume:
- 50
- Issue:
- 7
- Issue Sort Value:
- 2020-0050-0007-0000
- Page Start:
- 1061
- Page End:
- 1086
- Publication Date:
- 2020-01-30
- Subjects:
- activity injection -- Android -- mobile security -- UI security
Computer software -- Periodicals
Computer programming -- Periodicals
Computer programs -- Periodicals
005.3 - Journal URLs:
- http://onlinelibrary.wiley.com/ ↗
- DOI:
- 10.1002/spe.2792 ↗
- Languages:
- English
- ISSNs:
- 0038-0644
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 8321.453000
British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store - Ingest File:
- 13139.xml