JNI Global References Are Still Vulnerable: Attacks and Defenses

Authors: Yi He, Yuan Zhou, Yajin Zhou, Qi Li, Kun Sun

DOI: 10.1109/TDSC.2020.2995542

Abstract: System services and resources in Android are accessed through IPC-based mechanisms. However, previous research has demonstrated that they are vulnerable to denial-of-service (DoS) attacks. For instance, the JNI global reference (JGR), which is widely used by system services, can be exhausted to cause a system reboot (hence the name JGRE attack). Even though the Android team tries to fix the problem by enforcing a security check, we find that it is still possible to construct a JGR exhaustion DoS attack on Android. In this paper, we propose a new attack that is effective on different Android releases, including the latest one (i.e., Android 10). Specifically, we developed JGREAnalyzer, a tool to systematically detect vulnerable APIs via call graph analysis and forwarding reachability analysis. We applied it to different Android versions and found multiple vulnerabilities. In particular, among 148 system services in Android 10, 12 have 21 vulnerabilities. Among them, 9 can be successfully exploited without any permission. We further analyze the root cause of the vulnerabilities and propose a defense to throttle the attack by restricting resource consumption via global reference counting.
