Watch Out for Race Condition Attacks When Using Android External Storage

Abstract

Currently, in Android, applications (apps for short) rely heavily on external storage to provide their services. Race conditions are introduced by the inappropriate file operations. Through race conditions, the malicious app can manipulate the file content and induce the victim app to perform unexpected actions, which we callrace condition attack. Race condition attack can cause a series of security problems and prior work has already implemented some of them. From Android 10, Google has introduced scoped storage to defend against attacks based on external storage. However, considering current market shares of different Android versions, it is still a long way to have scoped storage deployed on each device. To protect current users from this kind of attack, it is essential to raise app developers' security awareness. Therefore, we conduct a comprehensive survey on race condition attack to learn about its current status over Android apps. We propose an analysis engine, named RECAST, which gathers file operation events on external storage and infers the associated file operation processes. With RECAST, we collect 5,359,339 file operation events over 105,963 files. From the analysis result, we find that, with the limited kinds of events, a tremendous number of unique file operating patterns (1,977) are constituted. Over these file operating patterns, the time window is much common and available to launch a series of attacks (94.26% of the tested files are vulnerable to this problem). Consequently, race condition attack has become a non-negligible issue for app developers when using Android external storage.