(2014) Scippa: System-Centric IPC Provenance on Android.
|
Text
bugiel14-acsac2.pdf - Published Version Download (1MB) | Preview |
Abstract
Google's Android OS provides a lightweight IPC mechanism called Binder, which enables the development of feature-rich apps that seamlessly integrate services and data of other apps. Whenever apps can act both as service consumers and service providers, it is inevitable that the IPC mechanism provides message receivers with message provenance information to establish trust. However, the Android OS currently fails in providing sufficient provenance information, which has led to a number of attacks. We present an extension to the Android IPC mechanism, called Scippa, that establishes IPC call-chains across application processes. Scippa provides provenance information required to effectively prevent recent attacks such as confused deputy attacks. Our solution constitutes a system-centric approach that extends the Binder kernel module and Android's message handlers. Scippa integrates seamlessly into the system architecture and our evaluation shows a performance overhead of only 2.23% on Android OS v4.2.2.
| Item Type: | Conference or Workshop Item (A Paper) (Paper) |
|---|---|
| Additional Information: | pub_id: 142 Bibtex: BaBuGe_14:Scippa URL date: None |
| Uncontrolled Keywords: | cispa,exclude_test,group:infsec |
| Divisions: | Michael Backes (InfSec) |
| Conference: | ACSAC Annual Computer Security Applications Conference |
| Depositing User: | Sebastian Weisgerber |
| Date Deposited: | 26 Jul 2017 10:32 |
| Last Modified: | 18 Jul 2019 12:11 |
| Primary Research Area: | NRA4: Secure Mobile and Autonomous Systems |
| URI: | https://publications.cispa.saarland/id/eprint/864 |
Actions
Actions (login required)
 |
View Item |