• Corpus ID: 238634213

Towards a Principled Approach for Dynamic Analysis of Android's Middleware

  title={Towards a Principled Approach for Dynamic Analysis of Android's Middleware},
  author={Oliver Schranz and Sebastian Weisgerber and Erik Derr and Michael Backes and Sven Bugiel},
The Android middleware, in particular the so-called systemserver, is a crucial and central component to Android’s security and robustness. To understand whether the systemserver provides the demanded security properties, it has to be thoroughly tested and analyzed. A dedicated line of research focuses exclusively on this task. While static analysis builds on established tools, dynamic testing approaches lack a common foundation, which prevents the community from comparing, reproducing, or even… 

Figures and Tables from this paper


On Demystifying the Android Application Framework: Re-Visiting Android Permission Specification Analysis
A static runtime model of the application framework is established in order to study its internals and provides the first high-level classification of the framework’s protected resources, uncovering design patterns that differ highly from the runtime model at the application layer.
ARF: identifying re-delegation vulnerabilities in Android system services
The proposed Android Re-delegation Finder (ARF) analysis framework analyzes an interconnected graph of entry points in system services, deriving calling dependencies, annotating permission checks, and identifying potentially vulnerable deputies that improperly expose information or functionality to third-party applications.
PScout: analyzing the Android permission specification
An analysis of the permission system of the Android smartphone OS is performed and it is found that a trade-off exists between enabling least-privilege security with fine-grained permissions and maintaining stability of the permissions specification as the Android OS evolves.
BinderCracker: Assessing the Robustness of Android System Services
This paper design and implement BinderCracker, an automatic testing framework that supports parameter-aware fuzzing and has identified more than 100 vulnerabilities in six major versions of Android, including the latest version Android 6.0, Marshmallow.
From System Services Freezing to System Server Shutdown in Android: All You Need Is a Loop in an App
Results of a further threat analysis show that by writing a loop to invoke Android APIs in an app, an attacker can continually freeze (reboot) the device at targeted critical moments (e.g., when patching vulnerable apps) and exploit the Android Stroke Vulnerabilities.
Precise Android API Protection Mapping Derivation and Reasoning
This work proposes to precisely derive Android protection specification in a path-sensitive fashion, using a novel graph abstraction technique, and demonstrates how the generated maps can be applied to tackle security issues through logical satisfiability reasoning.
Upgrading Your Android, Elevating My Malware: Privilege Escalation through Mobile OS Updating
This research brought to light a new type of security-critical vulnerabilities, called Pileup flaws, through which a malicious app can strategically declare a set of privileges and attributes on a low-version operating system (OS) and wait until it is upgraded to escalate its privileges on the new system.
ARTist: The Android Runtime Instrumentation and Security Toolkit
With the introduction of Android 5 Lollipop, the Android Runtime (ART) superseded the Dalvik Virtual Machine (DVM) by introducing ahead-of-time compilation and native execution of applications,
Kratos: Discovering Inconsistent Security Policy Enforcement in the Android Framework
This work proposes Kratos, a tool that leverages static analysis to build a precise call graph for identifying paths that allow third-party applications with insufficient privilege to access sensitive resources, violating security policies, and conservatively discovered at least fourteen inconsistent security enforcement cases.
The Peril of Fragmentation: Security Hazards in Android Device Driver Customizations
This study analyzed three popular phones from Samsung, identified their likely flaws and built end-to-end attacks that allow an unprivileged app to take pictures and screenshots, and even log the keys the user enters through touch screen.