Possible threats found and mitigation

1. Tandhy Simanjuntak

2. Permissions in Android Security:
Threats and Solutions
Permissions
Threats
Solutions
Conclusion and Future Work

3. Permissions Allow apps to access resources
Limited access to resources
Installation time
User approval

4. System Permissions
URI Permissions
Self-declare Permissions
Permissions
Type

5. System
Permissions
URI Permissions
Self-declare
Permissions
Permissions
Type
Owned by system
Allow access to system resources
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="com.android.app.myapp" >
<uses-permission android:name="android.permission.RECEIVE_SMS" />
<uses-permission android:name="android.permission.INTERNET" />
</manifest>

6. System
Permissions
URI Permissions
Self-declare
Permissions
Permissions
Type
version name Version
number
API Level Total
Permissions
KitKat 4.4 19 145
Jelly Bean 4.3 18 134
4.2 17 130
4.1 16 130
Ice Cream Sandwich 4.0.3 15 124
4.0 14 122
Honeycomb 3.2 13 117
3.1 12 116
3.0 11 116
Gingerbread 2.3.4 10 115
2.3.3 9 115
Froyo 2.2 8 112

7. System
Permissions
URI Permissions
Self-declare
Permissions
Permissions
Type
Owned by system
Allow access to data without grant
permission to access content provider
Email app and document/pdf reader app

8. System
Permissions
URI Permissions
Self-declare
Permissions
Permissions
Type
Owned by apps
Allow processes to access apps resources
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="com.me.app.myapp" >
<permission
android:name="com.me.app.myapp.permission.CHANGE_ROOT_PASSWD"
android:label="@string/label_changeRootPasswd"
android:description="@string/description_changeRootPasswd"
android:permissionGroup="android.permission-group.PERSONAL_INFO"
android:protectionLevel="dangerous" />
</manifest>

9. Normal
Dangerous
Signature
Signature or System
Permissions
Protection
Level

10. Permissions
Request
Flow
1. Install an app
2. System check
permissions in
AndroidManifest.xml
3. System ask user
for approval
User
Approve ?
System grants all
permissions
System cancel the
installation
System continue to
installation process
and App is installed
System denies all
permissions
No
Yes

11. Permissions
Threats
Permission Re-delegation
Over-privilege
Permission inheritance

12. Permissions
Threats
A: an App
No INTERNET
permission
B: another App
INTERNET permission
A: Malicious App
No INTERNET
permission
Android System Services
INTERNET
Rejected
B: Vulnerable App
INTERNET permission
INTERNET
INTERNET
Accepted
AcceptedPermission
Re-delegation
Over-privilege
Permission
inheritance

13. Permissions
Threats
Flashlight App
Permission list:
FLASHLIGHT
INTERNET
ACCESS_FINE_LOCATION
READ_CONTACT
B: Social Media App
Permission list:
INTERNET
ACCESS_FINE_LOCATION
READ_CONTACT
READ_PROFILE
CAMERA
Over Privilege App
Permission
Re-delegation
Over-privilege
Permission
inheritance

14. Flashlight App
Permission list:
FLASHLIGHT
Social Media App
Permission list:
INTERNET
ACCESS_FINE_LOCATION
READ_CONTACT
READ_PROFILE
CAMERA
UID: 0123-4567-8910 UID: 0123-4567-8910
Permissions
Threats
Flashlight App
Permission list:
FLASHLIGHT
INTERNET
ACCESS_FINE_LOCATION
READ_CONTACT
READ_PROFILE
CAMERA
UID: 0123-4567-8910
Social Media App
Permission list:
INTERNET
ACCESS_FINE_LOCATION
READ_CONTACT
READ_PROFILE
CAMERA
FLASHLIGHT
UID: 0123-4567-8910
Permission
Re-delegation
Over-privilege
Permission
inheritance

15. Solutions Permission Re-delegation
Over-privilege
Permission inheritance

16. Solutions Type of solution
• System modification / Hook modification and services
• Android services
• Non-android application
Implementation level
• System/Kernel
• Application
• Separate system
Run-time mode
• Static
• Dynamic

17. Permission
Re-delegation
Over-privilege
Permission
inheritance
Solutions Name Type of Solution Implementation Running mode
IPC Inspection System modification System Dynamic
Quire System modification System Dynamic

18. Solutions Name Type of Solution Implementation Running mode
Webifest Manifest file Application Static
Stowaway Non-android apps Separate system Static
Pscout Non-android apps Separate system Static
RefineDroid Non-android apps Separate system Static
Mr. Hide Android service Application Dynamic
Dr. Android Non-android apps Separate system Static
Apex System modification System Static
SAINT System modification System Static and Dynamic
Analysis Tool Non-android apps Separate system Static
Permission
Re-delegation
Over-privilege
Permission
inheritance

19. Solutions
Sign with different keys
• Android apps
• Application
• Static
Permission
Re-delegation
Over-privilege
Permission
inheritance

20. Solutions
-
Complete
Matrix
Threats Proposed Solution Type of Solution Implementation Level Solution Running mode Ref
Permission Re-
delegation
IPC Inspection System modification System level Dynamic [9]
Quire System modification System level Dynamic [18]
Over Privilege Webifest website manifest file Application level Static [11]
Stowaway Non-android application Separate system Static [12]
PScout Non-android application Separate system Static [13]
RefineDroid Non-android application Separate system Static [14]
Mr. Hide Android service Application level Dynamic [14]
Dr. Android Non-android application Separate system Static [14]
Apex System modification System level Static [20]
SAINT System modification System level Static and Dynamic [17]
Static analysis tool Non-android application Separate system Static [23]
Permission
inheritance
Sign apps with different
keys
android apps Application level Static [16]

21. Conclusio
n 3 threats found
Numbers of solutions
Different implementation level

22. Future
Work Combination of solutions
Are solutions implemented?
Cost matrix of solutions: performance,
speed, power consumption, complexity