ActivityShielder: An Activity Hijacking Defense Scheme for Android Devices
作者: Fei Yan , Yijia Li , Liqiang Zhang
DOI: 10.1109/ICCCN.2018.8487367
关键词:
摘要: With the growing popularity of smartphones in vast areas, security Android has been a vital pursuit for developers. Among issues Android, Activity hijacking attacks pose severe threat to normal APPs and sensitive input data by exploiting flaws UI management mechanism with high elusiveness extensive harmfulness. However, our best knowledge, existing defenses either only work under particular scenarios or incur obvious false positives. To make up this vacancy, we propose novel defense scheme named "ActivityShielder" tasks. The is designed manage entities it can detect block multiple explicitly. We have developed fully functioning prototype ActivityShielder, evaluation results show that ActivityShielder (1) effectively resist activity avoid positives multi-version systems; (2) minor performance impact (lower than 2%) system.
sci-hub.se 参考文章(10)
Yunlong Ren, Yue Li, Fangfang Yuan, Fangjiao Zhang, Hijacking Activity Technology Analysis and Research in Android System International Conference on Trustworthy Computing and Services. pp. 46- 53 ,(2013) , 10.1007/978-3-662-43908-1_6
Chuangang Ren, Hui Xue, Yulong Zhang, Peng Liu, Tao Wei, Towards discovering and understanding task hijacking in android usenix security symposium. pp. 945- 959 ,(2015)
Tongbo Luo, Xing Jin, Ajai Ananthanarayanan, Wenliang Du, Touchjacking Attacks on Web in Android, iOS, and Windows Phone Foundations and Practice of Security. pp. 227- 243 ,(2013) , 10.1007/978-3-642-37119-6_15
Antonio Bianchi, Jacopo Corbetta, Luca Invernizzi, Yanick Fratantonio, Christopher Kruegel, Giovanni Vigna, What the App is That? Deception and Countermeasures in the Android User Interface 2015 IEEE Symposium on Security and Privacy. pp. 931- 948 ,(2015) , 10.1109/SP.2015.62
Chia-Chi Lin, Hongyang Li, Xiaoyong Zhou, XiaoFeng Wang, Screenmilker: How to Milk Your Android Screen for Secrets. network and distributed system security symposium. ,(2014) , 10.14722/NDSS.2014.23049
Brendan Saltaformaggio, Rohit Bhatia, Zhongshu Gu, Xiangyu Zhang, Dongyan Xu, GUITAR: Piecing Together Android App GUIs from Memory Images computer and communications security. pp. 120- 132 ,(2015) , 10.1145/2810103.2813650
Qi Alfred Chen, Z. Morley Mao, Zhiyun Qian, Peeking into your app without actually seeing it: UI state inference and novel android attacks usenix security symposium. pp. 1037- 1052 ,(2014)
Zhaoguo Wang, Chenglong Li, Yi Guan, Yibo Xue, Yingfei Dong, ActivityHijacker: Hijacking the Android Activity Component for Sensitive Data 2016 25th International Conference on Computer Communication and Networks (ICCCN). pp. 1- 9 ,(2016) , 10.1109/ICCCN.2016.7568487
Chuangang Ren, Peng Liu, Sencun Zhu, WindowGuard: Systematic Protection of GUI Security in Android. network and distributed system security symposium. ,(2017) , 10.14722/NDSS.2017.23529
You Wei, Xu Qiang, Shi Wenchang, Liang Bin, Detecting Android malware phishing login interface based on SURF algorithm Journal of Tsinghua University. ,vol. 56, pp. 77- 82 ,(2016) , 10.16511/J.CNKI.QHDXXB.2016.23.009