Reference Hijacking: Patching, Protecting and Analyzing on Unmodified and Non-Rooted Android Devices.
Saved in:
| Title: | Reference Hijacking: Patching, Protecting and Analyzing on Unmodified and Non-Rooted Android Devices. |
|---|---|
| Authors: | Wei You1,2 youwei@ruc.edu.cn, Bin Liang1,2 liangb@ruc.edu.cn, Wenchang Shi1,2 wenchang@ruc.edu.cn, Shuyang Zhu1,2 zhushuyang@ruc.edu.cn, Peng Wang1,2 pengwang@ruc.edu.cn, Sikefu Xie1,2 decadall@ruc.edu.cn, Xiangyu Zhang3 xyzhang@cs.purdue.edu |
| Source: | ICSE: International Conference on Software Engineering. 5/14/2016, p959-970. 12p. |
| Subjects: | Software engineering, Mobile operating systems, Android (Operating system), Hijacking, Communication, Security systems |
| Abstract: | Many efforts have been paid to enhance the security of Android. However, less attention has been given to how to practically adopt the enhancements on off-the-shelf devices. In particular, securing Android devices often requires modifying their write-protected underlying system component files (especially the system libraries) by flashing or rooting devices, which is unacceptable in many realistic cases. In this paper, a novel technique, called reference hijacking, is presented to address the problem. By introducing a specially designed reset procedure, a new execution environment is constructed for the target application, in which the reference to the underlying system libraries will be redirected to the securityenhanced alternatives. The technique can be applicable to both the Dalvik and Android Runtime (ART) environments and to almost all mainstream Android versions (2.x to 5.x). To demonstrate the capability of reference hijacking, we develop three prototype systems, PatchMan, ControlMan, and TaintMan, to enforce specific security enhancements, involving patching vulnerabilities, protecting inter-component communications, and performing dynamic taint analysis for the target application. These three prototypes have been successfully deployed on a number of popular Android devices from different manufacturers, without modifying the underlying system. The evaluation results show that they are effective and do not introduce noticeable overhead. They strongly support that reference hijacking can substantially improve the practicability of many security enhancement efforts for Android. [ABSTRACT FROM AUTHOR] |
| Copyright of ICSE: International Conference on Software Engineering is the property of Association for Computing Machinery and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.) | |
| Database: | Engineering Source |
| FullText | Links: – Type: pdflink Text: Availability: 0 |
|---|---|
| Header | DbId: egs DbLabel: Engineering Source An: 125519997 AccessLevel: 6 PubType: Conference PubTypeId: conference PreciseRelevancyScore: 0 |
| IllustrationInfo | |
| Items | – Name: Title Label: Title Group: Ti Data: Reference Hijacking: Patching, Protecting and Analyzing on Unmodified and Non-Rooted Android Devices. – Name: Author Label: Authors Group: Au Data: <searchLink fieldCode="AR" term="%22Wei+You%22">Wei You</searchLink><relatesTo>1,2</relatesTo><i> youwei@ruc.edu.cn</i><br /><searchLink fieldCode="AR" term="%22Bin+Liang%22">Bin Liang</searchLink><relatesTo>1,2</relatesTo><i> liangb@ruc.edu.cn</i><br /><searchLink fieldCode="AR" term="%22Wenchang+Shi%22">Wenchang Shi</searchLink><relatesTo>1,2</relatesTo><i> wenchang@ruc.edu.cn</i><br /><searchLink fieldCode="AR" term="%22Shuyang+Zhu%22">Shuyang Zhu</searchLink><relatesTo>1,2</relatesTo><i> zhushuyang@ruc.edu.cn</i><br /><searchLink fieldCode="AR" term="%22Peng+Wang%22">Peng Wang</searchLink><relatesTo>1,2</relatesTo><i> pengwang@ruc.edu.cn</i><br /><searchLink fieldCode="AR" term="%22Sikefu+Xie%22">Sikefu Xie</searchLink><relatesTo>1,2</relatesTo><i> decadall@ruc.edu.cn</i><br /><searchLink fieldCode="AR" term="%22Xiangyu+Zhang%22">Xiangyu Zhang</searchLink><relatesTo>3</relatesTo><i> xyzhang@cs.purdue.edu</i> – Name: TitleSource Label: Source Group: Src Data: <searchLink fieldCode="JN" term="%22ICSE%3A+International+Conference+on+Software+Engineering%22">ICSE: International Conference on Software Engineering</searchLink>. 5/14/2016, p959-970. 12p. – Name: Subject Label: Subjects Group: Su Data: <searchLink fieldCode="DE" term="%22Software+engineering%22">Software engineering</searchLink><br /><searchLink fieldCode="DE" term="%22Mobile+operating+systems%22">Mobile operating systems</searchLink><br /><searchLink fieldCode="DE" term="%22Android+%28Operating+system%29%22">Android (Operating system)</searchLink><br /><searchLink fieldCode="DE" term="%22Hijacking%22">Hijacking</searchLink><br /><searchLink fieldCode="DE" term="%22Communication%22">Communication</searchLink><br /><searchLink fieldCode="DE" term="%22Security+systems%22">Security systems</searchLink> – Name: Abstract Label: Abstract Group: Ab Data: Many efforts have been paid to enhance the security of Android. However, less attention has been given to how to practically adopt the enhancements on off-the-shelf devices. In particular, securing Android devices often requires modifying their write-protected underlying system component files (especially the system libraries) by flashing or rooting devices, which is unacceptable in many realistic cases. In this paper, a novel technique, called reference hijacking, is presented to address the problem. By introducing a specially designed reset procedure, a new execution environment is constructed for the target application, in which the reference to the underlying system libraries will be redirected to the securityenhanced alternatives. The technique can be applicable to both the Dalvik and Android Runtime (ART) environments and to almost all mainstream Android versions (2.x to 5.x). To demonstrate the capability of reference hijacking, we develop three prototype systems, PatchMan, ControlMan, and TaintMan, to enforce specific security enhancements, involving patching vulnerabilities, protecting inter-component communications, and performing dynamic taint analysis for the target application. These three prototypes have been successfully deployed on a number of popular Android devices from different manufacturers, without modifying the underlying system. The evaluation results show that they are effective and do not introduce noticeable overhead. They strongly support that reference hijacking can substantially improve the practicability of many security enhancement efforts for Android. [ABSTRACT FROM AUTHOR] – Name: AbstractSuppliedCopyright Label: Group: Ab Data: <i>Copyright of ICSE: International Conference on Software Engineering is the property of Association for Computing Machinery and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract.</i> (Copyright applies to all Abstracts.) |
| PLink | https://search.ebscohost.com/login.aspx?direct=true&site=eds-live&db=egs&AN=125519997 |
| RecordInfo | BibRecord: BibEntity: Identifiers: – Type: doi Value: 10.1145/2884781.2884863 Languages: – Code: eng Text: English PhysicalDescription: Pagination: PageCount: 12 StartPage: 959 Subjects: – SubjectFull: Software engineering Type: general – SubjectFull: Mobile operating systems Type: general – SubjectFull: Android (Operating system) Type: general – SubjectFull: Hijacking Type: general – SubjectFull: Communication Type: general – SubjectFull: Security systems Type: general Titles: – TitleFull: Reference Hijacking: Patching, Protecting and Analyzing on Unmodified and Non-Rooted Android Devices. Type: main BibRelationships: HasContributorRelationships: – PersonEntity: Name: NameFull: Wei You – PersonEntity: Name: NameFull: Bin Liang – PersonEntity: Name: NameFull: Wenchang Shi – PersonEntity: Name: NameFull: Shuyang Zhu – PersonEntity: Name: NameFull: Peng Wang – PersonEntity: Name: NameFull: Sikefu Xie – PersonEntity: Name: NameFull: Xiangyu Zhang IsPartOfRelationships: – BibEntity: Dates: – D: 14 M: 05 Text: 5/14/2016 Type: published Y: 2016 Titles: – TitleFull: ICSE: International Conference on Software Engineering Type: main |
| ResultId | 1 |