IacDroid: Preventing Inter-App Communication capability leaks in Android

Abstract

Inter-App Communication (IAC) plays an important role in Android platform to share data and services among applications. However, the existence of IAC capability leaks could lead to the unauthorized privileged operations. In this paper, we first investigate the usage of IAC in Android applications to show the prevalence of IAC in the Android development model. To mitigate the threat caused by IAC capability leaks in Android, we develop a real-time monitoring and control system, called IacDroid, which distinguishes and prevents the IAC capability leak accurately in both third-party and in-rom applications at runtime. IacDroid extends the Binder IPC mechanism and the system service to construct context-based component call chains between multiple applications. By leveraging the call chains, the permission system is extended to detect and prevent the IAC capability leaks. IacDroid also presents an intuitive client-side solution to help users control the IAC capability leaks. We implement the prototype in Android 4.3, and present a comprehensive assessment with 500 Google Play applications and 36 malicious applications. The experimental results demonstrate that IacDroid can effectively prevent the IAC capability leaks with a negligible performance overhead.