Once Root Always a Threat: Analyzing the Security Threats of Android Permission System
作者: Zhongwen Zhang , Yuewu Wang , Jiwu Jing , Qiongxiao Wang , Lingguang Lei
DOI: 10.1007/978-3-319-08344-5_23
关键词: Rootkit 、 Permission 、 Internet privacy 、 Access control 、 Phone 、 Backup 、 Survivability 、 Compromise 、 Computer science 、 Computer security 、 Android (operating system)
摘要: Android permission system enforces access control to those privacy-related resources in phones. Unfortunately, the could be bypassed when phone is rooted. On a rooted phone, processes can run with root privilege and arbitrarily any without permission. Many people are willing their phones uninstall pre-installed applications, flash third party ROMs, backup so on. People use rootkit tools The mainstream China provided by some well-known security vendors. Besides root, these vendors also provide one-click-unroot function unroot phone. process gives users feeling that will roll back original safe state. In this paper, we present threats analysis of on once unrooted later. phones, two categories attacks: tampering data files attack code carried out. Also, attacks’ detection rate, damage degree, influence range, survivability real word analyzed. Analysis result shows even under Antivirus’ monitoring, attacks towards still out survive after unrooted. Therefore, faces long-term compromise. potential defense solutions discussed.
springer.com
sci-hub.se 参考文章(25)
Yajin Zhou, Xinwen Zhang, Xuxian Jiang, Vincent W. Freeh, Taming information-stealing smartphone applications (on Android) trust and trustworthy computing. pp. 93- 107 ,(2011) , 10.1007/978-3-642-21599-5_7
T. Alves, TrustZone : Integrated Hardware and Software Security White Paper. ,(2004)
Kenneth Alexander Nicolson, Tomoyuki Haga, Hisashi Takayama, Hideki Matsushima, Takayuki Ito, Secure boot with optional components method ,(2009)
Mauro Conti, Vu Thien Nga Nguyen, Bruno Crispo, CRePE: context-related policy enforcement for android international conference on information security. ,vol. 6531, pp. 331- 345 ,(2010) , 10.1007/978-3-642-18178-8_29
Machigar Ongtang, Stephen McLaughlin, William Enck, Patrick McDaniel, Semantically rich application-centric security in Android Security and Communication Networks. ,vol. 5, pp. 658- 673 ,(2012) , 10.1002/SEC.360
Jan-Erik Ekberg, Secure boot with trusted computing group platform registers ,(2012)
Shashi Shekhar, Michael Dietz, Anhei Shu, Dan S. Wallach, Yuliy Pisetsky, Quire: lightweight provenance for smart phone operating systems usenix security symposium. pp. 23- 23 ,(2011)
Alexander Moshchuk, Adrienne Porter Felt, Helen J. Wang, Erika Chin, Steven Hanna, Permission re-delegation: attacks and defenses usenix security symposium. pp. 22- 22 ,(2011)
Tang Kai, Xu Xin, Chunxia Guo, The Secure Boot of Embedded System Based on Mobile Trusted Module 2012 Second International Conference on Intelligent System Design and Engineering Application. pp. 1331- 1334 ,(2012) , 10.1109/ISDEA.2012.646
Erika Chin, Adrienne Porter Felt, Kate Greenwood, David Wagner, Analyzing inter-application communication in Android Proceedings of the 9th international conference on Mobile systems, applications, and services - MobiSys '11. pp. 239- 252 ,(2011) , 10.1145/1999995.2000018