• Corpus ID: 19810277

Measuring the Insecurity of Mobile Deep Links of Android

@inproceedings{Liu2017MeasuringTI,
  title={Measuring the Insecurity of Mobile Deep Links of Android},
  author={Fang Liu and C. Wang and Andres Pico and Danfeng Daphne Yao and G. Wang},
  booktitle={USENIX Security Symposium},
  year={2017}
}
Mobile deep links are URIs that point to specific locations within apps, which are instrumental to web-to-app communications. [] Key Method Second, we identify a new vulnerability in App link’s preference setting, which allows a malicious app to intercept arbitrary HTTPS URLs in the browser without raising any alerts. Third, we identify more hijacking cases on App links than existing scheme URLs among both apps and websites. Many of them are targeting popular sites such as online social networks. Finally…
View Paper
people.cs.vt.edu
25 Citations
Background Citations
18
Methods Citations
3

25 Citations

All your app links are belong to us: understanding the threats of instant apps based attacks

This paper explores the weakness of the existing app link mechanism and proposes three feasible hijacking attacks, and proposes the corresponding detection and defense methods that can successfully prevent the proposed hijackings for all the evaluated apps, thus raising the bar against the attacks on Android app links.

Aladdin: Automating Release of Deep-Link APIs on Android

A large-scale empirical study is presented to investigate how deep links are really adopted, over 25,000 Android apps and proposes the Aladdin approach along with its supporting tool to help developers practically automate the release of deep-link APIs to access locations inside their apps.

Identifying Mobile Inter-App Communication Risks

This work presents a flow analysis for app pairs that computes the risk level associated with their potential communications and statically analyzes the sensitivity and context of each inter-app flow based on inter-component communication (ICC) between communicating apps, and defines fine-grained security policies for inter- app ICC risk classification.

ReACt: A Resource-centric Access Control System for Web-app Interactions on Android

ReACt is proposed, a novel Resource-centric Access Control design that can coherently work with all the web-app interaction mechanisms while addressing the above-mentioned limitations.

Android single sign-on security: Issues, taxonomy and directions

A Wizard-based Approach for Secure Code Generation of Single Sign-On and Access Delegation Solutions for Mobile Native Apps

A novel wizard-based approach that guides developers to integrate multiple third-party Identity Management providers in their apps by “enforcing” the usage of best practices for native apps and automatically generating the code to enable the communication with the different IdM providers.

Threat Assessment for Android Environment with Connectivity to IoT Devices from the Perspective of Situational Awareness

This study suggests a method to evaluate threats to be installed in the Android OS environment in conjunction with machine learning algorithms and presents future direction from the cyber threat intelligence perspective and situational awareness, which are the recent issues.

Elix: Path-Selective Taint Analysis for Extracting Mobile App Links

Elix is an automated app link extractor that adopts a novel, path-selective taint analysis that leverages symbolic execution to reason about path constraints and abandon infeasible paths, and simplifies the scheme of extracted links by reducing complex types to a minimal set of primitive types.

Elix : Path-Selective TaintAnalysis for ExtractingMobileAppLinks

Elix is an automated app link extractor that adopts a novel, path-selective taint analysis that leverages symbolic execution to reason about path constraints and abandon infeasible paths and simplifies the scheme of extracted links by reducing complex types to a minimal set of primitive types.

Application of Software Analysis in Detecting Vulnerabilities:Testing and Security Assessment

AndroidSlicer is developed, the first novel, efficient, and effective dynamic program slicing tool for Android apps that is useful for a variety of tasks, from testing to debugging to security assessment, and GAGA, an efficient genetic algorithm for graph anonymization that simultaneously delivers high anonymization and utility preservation is presented.

References

SHOWING 1-10 OF 50 REFERENCES

Unauthorized origin crossing on mobile platforms: threats and mitigation

An origin-based protection mechanism, called Morbs, is designed for mobile OSes that labels every message with its origin information, lets developers easily specify security policies, and enforce the policies on the mobile channels based on origins, and demonstrates the effectiveness of the new technique in defeating unauthorized origin crossing.

CHEX: statically vetting Android apps for component hijacking vulnerabilities

This paper proposes CHEX, a static analysis method to automatically vet Android apps for component hijacking vulnerabilities, and prototyped CHEX based on Dalysis, a generic static analysis framework that was built to support many types of analysis on Android app bytecode.

PatchDroid: scalable third-party security patches for Android devices

The PatchDroid system is designed for device-independent patch creation, and uses in-memory patching techniques to address vulnerabilities in both native and managed code, and represents a realistic path towards dramatically reducing the number of exploitable Android devices in the wild.

Attacks on WebView in the Android system

Two essential pieces of the Web's security infrastructure are weakened if WebView and its APIs are used: the Trusted Computing Base at the client side, and the sandbox protection implemented by browsers.

On the Need of Precise Inter-App ICC Classification for Detecting Android

The objective of this position paper is to point out the need for practical solutions for detecting malware collusion, and shows experimental evidence on the technical challenges associated with classifying benign Android inter-component communication (ICC) flows from colluding ones.

AppSealer: Automatic Generation of Vulnerability-Specific Patches for Preventing Component Hijacking Attacks in Android Applications

This paper proposes a technique for automatic patch generation that automatically generates a patch to disable a vulnerable Android app and a discovered component hijacking vulnerability, and evaluation on 16 real-world vulnerable Android apps shows that the generated patches can effectively track and mitigate component hijacked vulnerabilities.

XManDroid: A New Android Evolution to Mitigate Privilege Escalation Attacks

The design and implementation of XManDroid (eXtended Monitoring on Android), a security framework that extends the monitoring mechanism of Android to detect and prevent application-level privilege escalation attacks at runtime based on a system-centric system policy is presented.

Multi-App Security Analysis with FUSE: Statically Detecting Android App Collusion

A collection of tools that provide a static information flow analysis across a set of applications, showing a holistic view of all the applications destined for a particular device.

COVERT: Compositional Analysis of Android Inter-App Permission Leakage

COVERT's analysis is modular to enable incremental analysis of applications as they are installed, updated, and removed, and corroborates its ability to find inter-app vulnerabilities in bundles of some of the most popular apps on the market.

Analyzing inter-application communication in Android

This work examines Android application interaction and identifies security risks in application components and provides a tool, ComDroid, that detects application communication vulnerabilities and found 34 exploitable vulnerabilities.