Ghost Installer in the Shadow: Security Analysis of App Installation on Android

Yeonjoon Lee, Tongxin Li, N. Zhang, Soteris Demetriou, Mingming Zha, Xiaofeng Wang, Kai Chen, Xiao-yong Zhou, Xinhui Han, M. Grace
DOI: 10.1109/DSN.2017.33
Published in: 2017 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
Publication date: 2017-06-26
Citation count: 7

Abstract

Android allows developers to build app-installation functionality into their own apps with minimal restriction, and with the same support as any other functionality. Given the critical importance of app installation, the security implications of this approach can be significant. This paper reports the first systematic study of this issue, focusing on the security guarantees of the different steps of the App Installation Transaction (AIT). We demonstrate the serious consequences of leaving AIT development to individual developers: most installers (e.g., Amazon AppStore, DTIgnite, Baidu) are riddled with security-critical loopholes that attackers can exploit to silently install arbitrary apps, acquiring dangerous-level permissions or even unauthorized access to system resources. Surprisingly, vulnerabilities were found in all steps of the AIT. The attacks we present, dubbed the Ghost Installer Attack (GIA), pose a realistic threat to the Android ecosystem. Further, we developed both a user-app-level and a system-level defense that are innovative and practical.