http://dx.doi.org/10.13089/JKIISC.2019.29.1.205

A Practical Design and Implementation of Android App Cache Manipulation Attacks  

Hong, Seok (Samsung Research, Samsung Electronics)
Kim, Dong-uk (Samsung Research, Samsung Electronics)
Kim, Hyoungshick (Sungkyunkwan University)
Abstract
Android uses app cache files to improve app execution performance. However, this optimization technique may raise security issues that need to be examined. In this paper, we present a practical design of an "Android app cache manipulation attack" that intentionally modifies the cache files of a target app, which can be misused for stealing personal information and performing malicious activities on target apps. Even though the Android framework uses a checksum-based integrity check to protect app cache files, we found that attackers can effectively bypass such checks by modifying the checksum of the target cache files. To demonstrate the feasibility of our attack design, we implemented an attack tool and performed experiments with real-world Android apps. The experimental results show that 25 apps (86.2%) out of 29 are vulnerable to our attacks. To mitigate app cache manipulation attacks, we suggest two possible defense mechanisms: (1) checking the integrity of app cache files; and (2) applying anti-decompilation techniques.
Keywords
ART; app cache; app integrity attack;