Leave Me Alone: App- level Protection Against Runtime Information Gathering on Android NAN ZHANG, KAN YUAN, MUHAMMAD NAVEED†, XIAOYONG ZHOU AND XIAOFENG.

Leave Me Alone: App-level Protection Against

Runtime Information Gathering on Android

NAN ZHANG, KAN YUAN, MUHAMMAD NAVEED†, XIAOYONG ZHOU AND XIAOFENG WANG

INDIANA UNIVERSITY, BLOOMINGTON

INTRODUCTION• What is the Problem ?

• Threat to the mobile users – RIG

• App with the RECORD_AUDIO permission/ App with no permission

• RIG threats existence in popular IOT home security devices

Eg: Belkin Netcam, and Nest protect

• Current security model of Android

• New Approach – App Guardian

• Basic concept of App Guardian

CHALLENGES•

• OS-level solution is often complicated and painful as the manufactures have to customize to various devices

• Pushing the problem to the app developers is by no means a good idea. Eg, It cannot stop the recording of other app or adding noise to channel increases performance overhead.

Conventional solutions to the problem rely on modifying either the Android OS or the apps under the threat. But, this creates the compatibility issues

What’s unique ?• This App level protection Guard not touching the OS or the App in protection at all.

• Strategy to identify the suspicious apps by inspecting app’s permissions and behaviours

• Basic Concept in a nutshell: Pauses all background apps capable causing damage

• No matter what: RIG attack will be failed

Architecture of Guardian

App Restart Vs Switch

Lifecycle of Guardian App

How to protect the App Guardian itself ?

• startForeground• KILL_BACKGROUND_PROCESSES• System on low memory • largeHeap = "true“• restart intent

EVALUATION• Guardian evaluated over 475 most popular Android apps in 27 categories in the Google store

• 1.68% of the apps which has impact on the user information needed to be closed

• All types of RIG attacks that includes audio recording, Bluetooth misbonding have been defeated by this approach

• Performance: performance cost is as low as 5% of CPU time and 40 MB memory

EVALUATION

My Analysis • Lightweight response and no false alarms

• App with no system privileges could break Android’s application sandbox and circumvent an app-level protection.

• App guardian protected itself . Then why not malicious apps use the same trick ?

• This proposed solution is based on main assumption that most apps in market does not follow the trick of App guardian and this may lead to the FAILURE of this app.

• What if the malicious apps are released in the name of security apps but not actually securing the apps instead stealing data.

• These researchers have taken initiative to address the attacks in side channel

My Analysis• What if the user wants to record an important call, this Guardian in mobile restricts this functionality due to the protection against RIG attack.

• This simple mechanism of stopping and resuming the background apps focuses only on the issue of audio recording while using phone app, not considering other privacy leakages through the messages or file transfer through the Bluetooth.

• The guardian app does not quit even if the mobile runs on low memory. This can be considered as an advantage as well as disadvantage of this app.

• In general, there is no module included in this proposed system to differentiate the danger background processes from the legitimate one except for the case of audio record.

• If the Android OS takes an initiative to build the protection wall in the side channels, these attacks will not exist anymore so this research do not have a scope in future at all.

FUTURE WORK

Thank You