nach oben

Erschienen in:

2017 | OriginalPaper | Buchkapitel

H-Binder: A Hardened Binder Framework on Android Systems

verfasst von : Dong Shen, Zhangkai Zhang, Xuhua Ding, Zhoujun Li, Robert Deng

Erschienen in: Security and Privacy in Communication Networks

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The Binder framework is at the core of Android systems due to its fundamental role for interprocess communications. Applications use the Binder to perform high level tasks such as accessing location information. The importance of the Binder makes it an attractive target for attackers. Rootkits on Android platforms can arbitrarily access any Binder transaction data and therefore have system-wide security impact. In this paper, we propose H-Binder to secure the Binder IPC channel between two applications. It runs transparently with Android and COTS applications without making changes on their binaries. In this work, we design a bare-metal ARM hypervisor with a tiny code base at runtime. The hypervisor interposes on the main steps of a Binder transaction by leveraging ARM hardware virtualization techniques. It protects secrecy and integrity of the Binder transaction data. We have implemented a prototype of the H-Binder hypervisor and tested its performance. The experiment results show that H-Binder incurs an insignificant overhead to the applications.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel AppShield: Enabling Multi-entity Access Control Cross Platforms for Mobile App Management

Nächstes Kapitel Exploiting Android System Services Through Bypassing Service Helpers

In ARM architecture, TTBR0 points to the translation tables used by the current running user process and the Translation Table Base Register 1 (TTBR1) points to the translation tables used by the kernel.

https://github.com/ramnathv/rMaps.

Architecture Reference Manual (ARMv7-A and ARMv7-R edition). ARM DDI C (2008)

Andrus, J., Dall, C., Hof, A.V., Laadan, O., Nieh, J.: Cells: a virtual mobile smartphone architecture. In: 23rd ACM Symposium on Operating Systems Principles, pp. 173–187. ACM (2011)

Fast Models - ARM. http://www.arm.com/products/tools/models/fast-models/

Artenstein, N., Revivo, I.: Man in the Binder: He Who Controls IPC, Controls the Droid. Black Hat (2014)

Backes, M., Bugiel, S., Gerling, S.: Scippa: system-centric IPC provenance on android. In: 30th Annual Computer Security Applications Conference, pp. 36–45. ACM (2014)

Barham, P., Dragovic, B., Fraser, K., Hand, S., Harris, T., Ho, A., et al.: Xen and the art of virtualization. ACM SIGOPS Oper. Syst. Rev. 37(5), 164–177 (2003)CrossRef

Bugiel, S., Davi, L., Dmitrienko, A., Fischer, T., Sadeghi, A.R., Shastry, B.: Towards taming privilege-escalation attacks on android. In: 19th Annual Network and Distributed System Security Symposium, pp. 346–360 (2012)

Bugiel, S., Heuser, S., Sadeghi, A.R.: Flexible and fine-grained mandatory access control on android for diverse security and privacy policies. In: 22nd USENIX Security Symposium, pp. 131–146 (2013)

Chen, X., Garfinkel, T., Lewis, E.C., Subrahmanyam, P., Waldspurger, C.A., Boneh, D., et al.: Overshadow: a virtualization-based approach to retrofitting protection in commodity operating systems. ACM SIGPLAN Not. 36(1), 2–13 (2008)CrossRef

10.

Cheng, Y., Ding, X., Deng, R.H.: DriverGuard: a fine-grained protection on I/O flows. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 227–244. Springer, Heidelberg (2011). doi:10.1007/978-3-642-23822-2_13 CrossRef

11.

Cheng, Y., Ding, X., Deng, R.H.: Efficient virtualization-based application protection against untrusted operating system. In: 10th ACM Symposium on Information, Computer and Communications Security, pp. 345–356. ACM (2015)

12.

Chin, E., Felt, A.P., Greenwood, K., Wagner, D.: Analyzing inter-application communication in android. In: 9th International Conference on Mobile Systems, Applications, and Services, pp. 239–252. ACM (2011)

13.

Dall, C., Nieh, J.: KVM/ARM: the design and implementation of the linux ARM hypervisor. ACM SIGPLAN Not. 49(4), 333–348. ACM (2014)

14.

Dietz, M., Shekhar, S., Pisetsky, Y., Shu, A., Wallach, D.S.: QUIRE: Lightweight Provenance for Smart Phone Operating Systems. USENIX Security Symposium (2011)

15.

Ding, J.H., Lin, C.J., Chang, P.H., Tsang, C.H., Hsu, W.C., Chung, Y.C.: ARMvisor: system virtualization for ARM. In: Proceedings of the Ottawa Linux Symposium, pp. 93–107 (2012)

16.

Enck, W., Gilbert, P., Han, S., Tendulkar, V., Chun, B.G., Cox, L.P., et al.: Taintdroid: an information flow tracking system for real-time privacy monitoring on smartphones. ACM Trans. Comput. Syst. 32(2), 99–106 (2014)CrossRef

17.

Felt, A.P., Wang, H.J., Moshchuk, A., Hanna, S., Chin, E.: Permission re-delegation: attacks and defenses. USENIX Secur. Symp. 6, 12–16 (2011)

18.

Grace, M.C., Zhou, Y., Wang, Z., Jiang, X.: Systematic detection of capability leaks in stock android smartphones. In: 19th Annual Network and Distributed System Security Symposium (2012)

19.

Hardy, N.: The confused deputy: (or Why capabilities might have been invented). ACM SIGOPS Oper. Syst. Rev. 22(4), 36–38 (1988)CrossRef

20.

Hofmann, O.S., Kim, S., Dunn, A.M., Lee, M.Z., Witchel, E.: Inktag: secure applications on an untrusted operating system. ACM SIGARCH Comput. Archit. News 41(1), 265–278. ACM (2013)

21.

Hornyack, P., Han, S., Jung, J., Schechter, S., Wetherall, D.: These aren’t the droids you’re looking for: retrofitting android to protect data from imperious applications. In: 18th ACM Conference on Computer and Communications Security, pp. 639–652. ACM (2011)

22.

Hwang, J.Y., Suh, S.B., Heo, S.K., Park, C.J., Ryu, J.M., Park, S.Y., Kim, C.R.: Xen on ARM: system virtualization using Xen hypervisor for ARM-based secure mobile phones. In: 5th IEEE Consumer Communications and Networking Conference, pp. 257–261. IEEE (2008)

23.

Lee, H.C., Kim, C.H., Yi, J.H.: Experimenting with system and Libc call interception attacks on ARM-based linux kernel. In: Proceedings of the 2011 ACM Symposium on Applied Computing, pp. 631–632. ACM (2011)

24.

Li, W.X., Wang, J.B., Mu, D.J., Yuan, Y.: Survey on Android Rootkit. Microprocessors (2011)

25.

Roesner, F., Kohno, T., Moshchuk, A., Parno, B., Wang, H.J., Cowan, C.: User-driven access control: rethinking permission granting in modern operating systems. In: 33rd IEEE Security and Privacy, pp. 224–238. IEEE (2012)

26.

Rosa, T.: Android binder security note: on passing binder through another binder (2011)

27.

Rossier, D.: EmbeddedXEN: A Revisited Architecture of the Xen Hypervisor to Support ARM-Based Embedded Virtualization. White Paper, Switzerland (2012)

28.

Schreiber, T.: Android binder-android interprocess communication. Seminar thesis, Ruhr-Universität Bochum (2011)

29.

Shneiderman, B.: Designing the User Interface: Strategies for Effective Human-Computer Interaction. Pearson Education, India (2010)

30.

Tam, K., Khan, S.J., Fattori, A., Cavallaro, L.: CopperDroid: automatic reconstruction of android malware behaviors. In: 22nd Annual Network and Distributed System Security Symposium (2015)

31.

Varanasi, P., Heiser, G.: Hardware-supported virtualization on ARM. In: 2nd Asia-Pacific Workshop on Systems (2011)

32.

Wang, Y., Hariharan, S., Zhao, C., Liu, J., Du, W.: Compac: enforce component-level access control in android. In: 4th ACM Conference on Data and Application Security and Privacy, pp. 25–36. ACM (2014)

33.

Wei, X., Gomez, L., Neamtiu, I., Faloutsos, M.: Permission evolution in the android ecosystem. In: 28th Annual Computer Security Applications Conference, pp. 31–40. ACM (2012)

34.

You, D.H., Noh, B.N.: Android platform based linux kernel rootkit. In: 6th International Conference on Malicious and Unwanted Software, pp. 79–87. IEEE (2011)

35.

Zhang, Y., Yang, M., Xu, B., Yang, Z., Gu, G., Ning, P., et al.: Vetting undesirable behaviors in android apps with permission use analysis. In: 2013 ACM SIGSAC Conference on Computer and Communications Security, pp. 611–622. ACM (2013)

36.

Zhou, Z., Gligor, V.D., Newsome, J., McCune, J.M.: Building verifiable trusted path on commodity x86 computers. In: 33rd IEEE Symposium on Security and Privacy, pp. 616–630. IEEE (2012)

Titel: H-Binder: A Hardened Binder Framework on Android Systems
verfasst von: Dong Shen
Zhangkai Zhang
Xuhua Ding
Zhoujun Li
Robert Deng
Verlag: Springer International Publishing
Buch: Security and Privacy in Communication Networks
Print ISBN: 978-3-319-59607-5

Electronic ISBN: 978-3-319-59608-2

Copyright-Jahr: 2017
DOI: https://doi.org/10.1007/978-3-319-59608-2_2

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"