Browse > Article
http://dx.doi.org/10.13089/JKIISC.2021.31.1.73

Analysis of Malicious Behavior Towards Android Storage Vulnerability and Defense Technique Based on Trusted Execution Environment  

Kim, Minkyu (Soongsil University)
Park, Jungsoo (Soongsil University)
Shim, Hyunseok (Soongsil University)
Jung, Souhwan (Soongsil University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.31, no.1, 2021 , pp. 73-81 More about this Journal
Abstract
When downloading files using an app or web-based application on the user's mobile phone, the path is set to be saved in the pre-defined default directory. Many applications requiring access to storage, including file managers, require a write or read permission of storage to provide numerous functions and services. This means that the application will have direct access to the download folder where the numerous files downloaded. In this paper, to prove our feasibility of attack using the security vulnerabilities mentioned above, we developed a file hacking function disguised as an encryption function in the file management application. The file that encrypted will be sent to hackers via E-mail simultaneously on the background. The developed application was evaluated from VirusTotal, a malicious analysis engine, was not detected as a malicious application in all 74 engines. Finally, in this paper, we propose a defense technique and an algorithm based on the Trusted Execution Environment (TEE) to supplement these storage vulnerabilities.
Keywords
Android application; Trusted Execution Environment; Privacy leak;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Jae Keun Lee and Eul Gyu Im. "A Study on the Exception About Android Sandbox systems," Proceedings of Symposium of the Korean Institute of communications and Information Sciences, pp.784-785, 2012.
2 Google, Android - Google Play Protect, "https://www.android.com/intl/ko_kr/play-protect/," last accessed Oct 2020.
3 Seongeun Kang, Nguyen Vu Long and Souhwan Jung. "Android Malware Detection Using Permission-Based Machine Learning Approach," Journal of the Korea Institute Information Security & Cryptology, vol.28, no.3, pp.617-623, 2018.   DOI
4 Mohamed Sabt, Mohammed Achemlal and Abdelmadjid Bouadballah. "Trusted Execution Environment: What It Is, and What It Is Not," 2015 IEEE Trustcom/BigDataSE/ISPA, vol.1, IEEE, 2015.
5 Tayde, Suchita and Seema Siledar. "File Encryption, Decryption Using AES Algorithm in Android Phone," International Journel of Advanced Research in computer science and software engineering, vol.5, no.5, pp.550-554, 2015.
6 Jongmun Jeong, Hoon Lee and Mintae Hwang. "Selective Management of System-level Access Permission in Android-based Application," The Korea Institute of Information and Communication Engineering, vol.20, no.1, pp.87-93, 2016.   DOI
7 Saba Arshad, Abid Khan, Munam Ali Shah and Mansoor Ahmed. "Android malware detection & protection: a survey," International Journal of Advanced Computer Science and Applications vol.7. no.2. pp.463-475. 2016.
8 Jin a Kang and Hyoungshick Kim. "A Study on Application Permissions for Android Devices," Journal of the Korean Information Science Society, pp.808-810, 2013.
9 Google, VirusTotal, "https://www.virustotal.com/," last accessed Oct 2020.
10 Jun Li, Lidong Zhai, Xinyou Zhang and Daiyong Quan. "Research of android malware detection based on network traffic monitoring," 2014 9th IEEE Conference on Industrial Electronics and Applications, IEEE, 2014.
11 Payet, Etienne and Fausto Spoto. "Static analysis of Android programs," Information and Software Technology vol.54, no.11, pp.1192-1201, 2012.   DOI
12 Chengcheng Wang and Yuquing Lan. "PFESG: Permission-based Android Malware Feature Extraction Algorithm," Proceedings of the 2017 VI International Conference on Network, Communication and Computing, pp.106-109, 2017.
13 Zarni Aung and Win Zaw. "Permission-based android malware detection," International Journal of Scientific & Technology Research, vol.2, no.3, pp,228-234, 2013.
14 Young Min Cho and Hun Yeong Kwon. "Machine Learning Based Malware Detection Using API Call Time Interval," Journal of the Korea Institute of information Security & Cryptology, vol.30, no.1, pp.51-58, 2020.   DOI
15 Kimberly Tam, Ali Feizollah, Nor Badrul Anuar, Rosli Salleh and Lorenzo Cavallaro. "The evolution of android malware and android analysis techniques," ACM Computing Surveys (CSUR) vol. 49, no.4, pp.1-41, 2017.
16 Konstantin Rubinov, Lucia Rosculete, Tulika Mitra and Abhik Roychoudhury. "Automated partitioning of android applications for trusted execution environments," 2016 IEEE/ACM 38th International Conference on Software Engineering (ICSE), IEEE, 2016.
17 Jin Soo Jang, Sunjune Kong, Minsu Kim, Daegyeong Kim and Brent Byunghoon Kang. "SeCReT: Secure Channel between Rich Execution Environment and Trusted Execution Environment," NDSS, 2015.