Security analysis of permission re-delegation vulnerabilities in Android apps
The
Android platform facilitates reuse of app functionalities by allowing an app
to request an action from another app through inter-process communication
mechanism. This feature is one of the reasons for the popularity of Android,
but it also poses security risks to the end users because malicious,
unprivileged apps could exploit this feature to make privileged apps perform
privileged actions on behalf of them. In this paper, we investigate the
hybrid use of program analysis, genetic algorithm based test generation,
natural language processing, machine learning techniques for precise
detection of permission re-delegation vulnerabilities in Android apps. Our
approach first groups a large set of benign and nonvulnerable apps into
different clusters, based on their similarities in terms of functional
descriptions. It then generates permission re-delegation model for each
cluster, which characterizes common permission re-delegation behaviors of the
apps in the cluster. Given an app under test, our approach checks whether it
has permission re-delegation behaviors that deviate from the model of the
cluster it belongs to. If that is the case, it generates test cases to detect
the vulnerabilities. We evaluated the vulnerability detection capability of
our approach based on 1,258 official apps and 20 mutated apps. Our approach
achieved 81.8% recall and 100% precision. We also compared our approach with
two static analysisbased approaches — Covert and IccTA — based on 595 open
source apps. Our approach detected 30 vulnerable apps whereas Covert detected
one of them and IccTA did not detect any. Executable proof-of-concept attacks
generated by our approach were reported to the corresponding app
developers. |