Collusive data leak and more: Large-scale threat analysis of inter-app communications

Amiangshu Bosu, Fang Liu, Danfeng Daphne Yao, Gang Wang

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution

Abstract

Inter-Component Communication (ICC) provides a message passing mechanism for data exchange between Android applications. It has been long believed that inter-app ICCs can be abused by malware writers to launch collusion attacks using two or more apps. However, because of the complexity of performing pairwise program analysis on apps, the scale of existing analyses is too small (e.g., up to several hundred) to produce concrete security evidence. In this paper, we report our findings in the first large-scale detection of collusive and vulnerable apps, based on inter-app ICC data flows among 110,150 real-world apps. Our system design aims to balance the accuracy of static ICC resolution/data-flow analysis and run-time scalability. This large-scale analysis provides real-world evidence and deep insights on various types of inter-app ICC abuse. Besides the empirical findings, we make several technical contributions, including a new open-source ICC resolution tool with improved accuracy over the state-of-the-art, and a large database of inter-app ICCs and their attributes.

Original language: English (US)
Title of host publication: ASIA CCS 2017 - Proceedings of the 2017 ACM Asia Conference on Computer and Communications Security
Publisher: Association for Computing Machinery, Inc
Pages: 71-85
Number of pages: 15
ISBN (Electronic): 9781450349444
State: Published - Apr 2 2017
Externally published: Yes
Event: 2017 ACM Asia Conference on Computer and Communications Security, ASIA CCS 2017 - Abu Dhabi, United Arab Emirates
Duration: Apr 2 2017 - Apr 6 2017

Publication series

Name: ASIA CCS 2017 - Proceedings of the 2017 ACM Asia Conference on Computer and Communications Security

Other

Other: 2017 ACM Asia Conference on Computer and Communications Security, ASIA CCS 2017
Country: United Arab Emirates
City: Abu Dhabi
Period: 4/2/17 - 4/6/17

Keywords

  • Android
  • Collusion
  • Intent
  • Inter-app communication
  • Inter-component communication
  • Privilege escalation
  • Security

ASJC Scopus subject areas

  • Computer Science Applications
  • Information Systems
  • Computer Networks and Communications
  • Software
